{"url":"http://public2.vulnerablecode.io/api/packages/108305?format=json","purl":"pkg:deb/debian/xterm@366-1%2Bdeb11u1?distro=trixie","type":"deb","namespace":"debian","name":"xterm","version":"366-1+deb11u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"0","latest_non_vulnerable_version":"410-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15772?format=json","vulnerability_id":"VCID-dj1u-myrg-mbhr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40359.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40359.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40359","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38983","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-40359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40359"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2232648","reference_id":"2232648","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2232648"},{"reference_url":"https://invisible-island.net/xterm/xterm.log.html#xterm_380","reference_id":"xterm.log.html#xterm_380","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-10-09T14:50:11Z/"}],"url":"https://invisible-island.net/xterm/xterm.log.html#xterm_380"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108313?format=json","purl":"pkg:deb/debian/xterm@382-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@382-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108307?format=json","purl":"pkg:deb/debian/xterm@398-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@398-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108306?format=json","purl":"pkg:deb/debian/xterm@410-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@410-1%3Fdistro=trixie"}],"aliases":["CVE-2023-40359"],"risk_score":0.8,"exploitability":"0.5","weighted_severity":"1.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dj1u-myrg-mbhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/12580?format=json","vulnerability_id":"VCID-vxwe-yf1g-dbah","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45063.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45063.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45063","reference_id":"","reference_type":"","scores":[{"value":"0.14033","scoring_system":"epss","scoring_elements":"0.94508","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-45063"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45063","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-45063"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.openwall.com/lists/oss-security/2022/11/10/1","reference_id":"1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"https://www.openwall.com/lists/oss-security/2022/11/10/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/10/1","reference_id":"1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/10/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/06/15/1","reference_id":"1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/06/15/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/06/17/1","reference_id":"1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/06/17/1"},{"reference_url":"https://security.gentoo.org/glsa/202211-09","reference_id":"202211-09","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"https://security.gentoo.org/glsa/202211-09"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142474","reference_id":"2142474","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2142474"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/","reference_id":"4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4TPVNTYFFWNTGZJJQAA4MGGFSTXA4XEA/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2022/11/10/5","reference_id":"5","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"http://www.openwall.com/lists/oss-security/2022/11/10/5"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/","reference_id":"5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5T2JI5JCHPTXX2KJU45H2XAHQSFVEJ2Y/"},{"reference_url":"https://news.ycombinator.com/item?id=33546415","reference_id":"item?id=33546415","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"https://news.ycombinator.com/item?id=33546415"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/","reference_id":"IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IVD3I2ZFXGOY6BA2FNS7WPFMPFBDHFWC/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7427","reference_id":"RHSA-2025:7427","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:7427"},{"reference_url":"https://invisible-island.net/xterm/xterm.log.html","reference_id":"xterm.log.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-06-17T14:34:56Z/"}],"url":"https://invisible-island.net/xterm/xterm.log.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108312?format=json","purl":"pkg:deb/debian/xterm@375-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@375-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108303?format=json","purl":"pkg:deb/debian/xterm@379-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@379-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108307?format=json","purl":"pkg:deb/debian/xterm@398-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@398-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108306?format=json","purl":"pkg:deb/debian/xterm@410-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@410-1%3Fdistro=trixie"}],"aliases":["CVE-2022-45063"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vxwe-yf1g-dbah"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200545?format=json","vulnerability_id":"VCID-8c89-spgv-5uf9","summary":"The default configuration of xterm on Debian GNU/Linux sid and possibly Ubuntu enables the allowWindowOps resource, which allows user-assisted attackers to execute arbitrary code or have unspecified other impact via escape sequences.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7236.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-7236.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7236","reference_id":"","reference_type":"","scores":[{"value":"0.09164","scoring_system":"epss","scoring_elements":"0.92873","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-7236"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7236","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7236"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030","reference_id":"510030","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030"},{"reference_url":"https://usn.ubuntu.com/703-1/","reference_id":"USN-703-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/703-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108304?format=json","purl":"pkg:deb/debian/xterm@238-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@238-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108305?format=json","purl":"pkg:deb/debian/xterm@366-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"},{"vulnerability":"VCID-vxwe-yf1g-dbah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@366-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108303?format=json","purl":"pkg:deb/debian/xterm@379-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@379-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108307?format=json","purl":"pkg:deb/debian/xterm@398-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@398-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108306?format=json","purl":"pkg:deb/debian/xterm@410-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@410-1%3Fdistro=trixie"}],"aliases":["CVE-2006-7236"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8c89-spgv-5uf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219328?format=json","vulnerability_id":"VCID-93aj-9cv6-nqcv","summary":"xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2797.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2797","reference_id":"","reference_type":"","scores":[{"value":"0.00104","scoring_system":"epss","scoring_elements":"0.27953","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2797"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=239070","reference_id":"239070","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=239070"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0701","reference_id":"RHSA-2007:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0701"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108308?format=json","purl":"pkg:deb/debian/xterm@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108305?format=json","purl":"pkg:deb/debian/xterm@366-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"},{"vulnerability":"VCID-vxwe-yf1g-dbah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@366-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108303?format=json","purl":"pkg:deb/debian/xterm@379-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@379-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108307?format=json","purl":"pkg:deb/debian/xterm@398-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@398-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108306?format=json","purl":"pkg:deb/debian/xterm@410-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@410-1%3Fdistro=trixie"}],"aliases":["CVE-2007-2797"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-93aj-9cv6-nqcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/11578?format=json","vulnerability_id":"VCID-9hmh-znnb-bqhs","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24130.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24130","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58431","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24130"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004689","reference_id":"1004689","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004689"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2048676","reference_id":"2048676","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2048676"},{"reference_url":"https://security.gentoo.org/glsa/202208-22","reference_id":"GLSA-202208-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14075","reference_id":"RHSA-2025:14075","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14075"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108305?format=json","purl":"pkg:deb/debian/xterm@366-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"},{"vulnerability":"VCID-vxwe-yf1g-dbah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@366-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108311?format=json","purl":"pkg:deb/debian/xterm@370-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@370-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108303?format=json","purl":"pkg:deb/debian/xterm@379-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@379-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108307?format=json","purl":"pkg:deb/debian/xterm@398-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@398-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108306?format=json","purl":"pkg:deb/debian/xterm@410-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@410-1%3Fdistro=trixie"}],"aliases":["CVE-2022-24130"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9hmh-znnb-bqhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/9243?format=json","vulnerability_id":"VCID-c5d7-4s8m-dkc1","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27135.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27135.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27135","reference_id":"","reference_type":"","scores":[{"value":"0.00722","scoring_system":"epss","scoring_elements":"0.72984","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27135"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27135","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27135"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1927559","reference_id":"1927559","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1927559"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982439","reference_id":"982439","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=982439"},{"reference_url":"https://security.archlinux.org/AVG-1565","reference_id":"AVG-1565","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1565"},{"reference_url":"https://security.gentoo.org/glsa/202208-22","reference_id":"GLSA-202208-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202208-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0611","reference_id":"RHSA-2021:0611","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0617","reference_id":"RHSA-2021:0617","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0650","reference_id":"RHSA-2021:0650","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0651","reference_id":"RHSA-2021:0651","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0651"},{"reference_url":"https://usn.ubuntu.com/4746-1/","reference_id":"USN-4746-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4746-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108310?format=json","purl":"pkg:deb/debian/xterm@366-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@366-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108305?format=json","purl":"pkg:deb/debian/xterm@366-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"},{"vulnerability":"VCID-vxwe-yf1g-dbah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@366-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108303?format=json","purl":"pkg:deb/debian/xterm@379-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@379-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108307?format=json","purl":"pkg:deb/debian/xterm@398-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@398-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108306?format=json","purl":"pkg:deb/debian/xterm@410-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@410-1%3Fdistro=trixie"}],"aliases":["CVE-2021-27135"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c5d7-4s8m-dkc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/219327?format=json","vulnerability_id":"VCID-n267-my6k-7bga","summary":"xterm on Slackware Linux 10.2 stores information that had been displayed for a different user account using the same xterm process, which might allow local users to bypass file permissions and read other users' files, or obtain other sensitive information, by reading the xterm process memory.  NOTE: it could be argued that this is an expected consequence of multiple users sharing the same interactive process, in which case this is not a vulnerability.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0823.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0823.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0823","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15262","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0823"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108308?format=json","purl":"pkg:deb/debian/xterm@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108305?format=json","purl":"pkg:deb/debian/xterm@366-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"},{"vulnerability":"VCID-vxwe-yf1g-dbah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@366-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108303?format=json","purl":"pkg:deb/debian/xterm@379-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@379-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108307?format=json","purl":"pkg:deb/debian/xterm@398-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@398-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108306?format=json","purl":"pkg:deb/debian/xterm@410-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@410-1%3Fdistro=trixie"}],"aliases":["CVE-2007-0823"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n267-my6k-7bga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/181243?format=json","vulnerability_id":"VCID-yfzq-fxdm-uuck","summary":"An error in the processing of special sequences in xterm may lead to\n    arbitrary commands execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2383.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2383.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2383","reference_id":"","reference_type":"","scores":[{"value":"0.01777","scoring_system":"epss","scoring_elements":"0.83095","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2383"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2383"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=478888","reference_id":"478888","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=478888"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030","reference_id":"510030","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=510030"},{"reference_url":"https://security.gentoo.org/glsa/200902-04","reference_id":"GLSA-200902-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200902-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0018","reference_id":"RHSA-2009:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0019","reference_id":"RHSA-2009:0019","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0019"},{"reference_url":"https://usn.ubuntu.com/703-1/","reference_id":"USN-703-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/703-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/108309?format=json","purl":"pkg:deb/debian/xterm@238-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@238-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108305?format=json","purl":"pkg:deb/debian/xterm@366-1%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"},{"vulnerability":"VCID-vxwe-yf1g-dbah"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@366-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108303?format=json","purl":"pkg:deb/debian/xterm@379-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dj1u-myrg-mbhr"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@379-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108307?format=json","purl":"pkg:deb/debian/xterm@398-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@398-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/108306?format=json","purl":"pkg:deb/debian/xterm@410-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@410-1%3Fdistro=trixie"}],"aliases":["CVE-2008-2383"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfzq-fxdm-uuck"}],"risk_score":"2.2","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xterm@366-1%252Bdeb11u1%3Fdistro=trixie"}