{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","type":"deb","namespace":"debian","name":"exim4","version":"4.99.2-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45525?format=json","vulnerability_id":"VCID-1ev3-fe86-93e3","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28022","reference_id":"","reference_type":"","scores":[{"value":"0.0201","scoring_system":"epss","scoring_elements":"0.8366","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0201","scoring_system":"epss","scoring_elements":"0.83632","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0201","scoring_system":"epss","scoring_elements":"0.83645","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84337","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84355","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84347","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84344","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84366","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84369","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84395","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84405","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8441","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8443","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.8431","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02179","scoring_system":"epss","scoring_elements":"0.84331","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28022"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ev3-fe86-93e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45532?format=json","vulnerability_id":"VCID-1kpw-zhj4-jfaz","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28026","reference_id":"","reference_type":"","scores":[{"value":"0.03938","scoring_system":"epss","scoring_elements":"0.88294","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03938","scoring_system":"epss","scoring_elements":"0.88309","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03938","scoring_system":"epss","scoring_elements":"0.88286","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0426","scoring_system":"epss","scoring_elements":"0.88813","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0426","scoring_system":"epss","scoring_elements":"0.88825","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0426","scoring_system":"epss","scoring_elements":"0.8882","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0426","scoring_system":"epss","scoring_elements":"0.88791","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0426","scoring_system":"epss","scoring_elements":"0.88808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0426","scoring_system":"epss","scoring_elements":"0.88834","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0426","scoring_system":"epss","scoring_elements":"0.88832","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04287","scoring_system":"epss","scoring_elements":"0.88898","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04287","scoring_system":"epss","scoring_elements":"0.88867","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04287","scoring_system":"epss","scoring_elements":"0.88884","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04287","scoring_system":"epss","scoring_elements":"0.8889","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04287","scoring_system":"epss","scoring_elements":"0.88891","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28026"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28026"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1kpw-zhj4-jfaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45533?format=json","vulnerability_id":"VCID-1tqm-3s38-fqcn","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27216","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17639","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17843","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17821","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17785","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17873","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17961","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18022","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18038","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17993","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17943","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17886","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17897","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17934","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21308","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21364","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00069","scoring_system":"epss","scoring_elements":"0.21156","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-27216"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27216","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27216"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-27216"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1tqm-3s38-fqcn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48314?format=json","vulnerability_id":"VCID-2qea-x4nk-zfba","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"http://exim.org/static/doc/security/CVE-2019-15846.txt","reference_id":"","reference_type":"","scores":[],"url":"http://exim.org/static/doc/security/CVE-2019-15846.txt"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00024.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15846.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15846.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15846","reference_id":"","reference_type":"","scores":[{"value":"0.63989","scoring_system":"epss","scoring_elements":"0.98443","published_at":"2026-05-05T12:55:00Z"},{"value":"0.63989","scoring_system":"epss","scoring_elements":"0.98432","published_at":"2026-04-13T12:55:00Z"},{"value":"0.63989","scoring_system":"epss","scoring_elements":"0.98433","published_at":"2026-04-12T12:55:00Z"},{"value":"0.63989","scoring_system":"epss","scoring_elements":"0.98437","published_at":"2026-04-16T12:55:00Z"},{"value":"0.63989","scoring_system":"epss","scoring_elements":"0.98436","published_at":"2026-04-18T12:55:00Z"},{"value":"0.63989","scoring_system":"epss","scoring_elements":"0.98439","published_at":"2026-04-29T12:55:00Z"},{"value":"0.63989","scoring_system":"epss","scoring_elements":"0.9844","published_at":"2026-04-26T12:55:00Z"},{"value":"0.6448","scoring_system":"epss","scoring_elements":"0.98448","published_at":"2026-04-08T12:55:00Z"},{"value":"0.6448","scoring_system":"epss","scoring_elements":"0.9845","published_at":"2026-04-09T12:55:00Z"},{"value":"0.6448","scoring_system":"epss","scoring_elements":"0.98458","published_at":"2026-04-21T12:55:00Z"},{"value":"0.6448","scoring_system":"epss","scoring_elements":"0.98438","published_at":"2026-04-01T12:55:00Z"},{"value":"0.6448","scoring_system":"epss","scoring_elements":"0.9844","published_at":"2026-04-02T12:55:00Z"},{"value":"0.6448","scoring_system":"epss","scoring_elements":"0.98443","published_at":"2026-04-04T12:55:00Z"},{"value":"0.6448","scoring_system":"epss","scoring_elements":"0.98445","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-15846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15846"},{"reference_url":"https://exim.org/static/doc/security/CVE-2019-15846.txt","reference_id":"","reference_type":"","scores":[],"url":"https://exim.org/static/doc/security/CVE-2019-15846.txt"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2019/09/msg00004.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FT3GY7V7SR2RHKNZNQCGXFWUSILVSZNU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NDF37AUNETIOXY6ZLQAUBGBVUTMMV242/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SBNHDAF74RI6VK2JVSEIE3VYNL7JJDYM/"},{"reference_url":"https://seclists.org/bugtraq/2019/Sep/13","reference_id":"","reference_type":"","scores":[],"url":"https://seclists.org/bugtraq/2019/Sep/13"},{"reference_url":"https://www.debian.org/security/2019/dsa-4517","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2019/dsa-4517"},{"reference_url":"https://www.kb.cert.org/vuls/id/672565","reference_id":"","reference_type":"","scores":[],"url":"https://www.kb.cert.org/vuls/id/672565"},{"reference_url":"https://www.openwall.com/lists/oss-security/2019/09/06/1","reference_id":"","reference_type":"","scores":[],"url":"https://www.openwall.com/lists/oss-security/2019/09/06/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/06/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/06/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/06/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/06/4"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/06/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/06/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/06/6","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/06/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/06/8","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/06/8"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/07/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/07/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/07/2","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/07/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/08/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/08/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/09/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2019/09/09/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748397","reference_id":"1748397","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1748397"},{"reference_url":"https://security.archlinux.org/ASA-201909-3","reference_id":"ASA-201909-3","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201909-3"},{"reference_url":"https://security.archlinux.org/AVG-1037","reference_id":"AVG-1037","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1037"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15846","reference_id":"CVE-2019-15846","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-15846"},{"reference_url":"https://security.gentoo.org/glsa/201909-06","reference_id":"GLSA-201909-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-06"},{"reference_url":"https://usn.ubuntu.com/4124-1/","reference_id":"USN-4124-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4124-1/"},{"reference_url":"https://usn.ubuntu.com/4124-2/","reference_id":"USN-4124-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4124-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586746?format=json","purl":"pkg:deb/debian/exim4@4.92.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-15846"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2qea-x4nk-zfba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45524?format=json","vulnerability_id":"VCID-3z7r-efh2-tyf9","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28021","reference_id":"","reference_type":"","scores":[{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91133","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91111","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91125","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91123","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91118","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91057","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91069","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91075","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91084","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91085","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06476","scoring_system":"epss","scoring_elements":"0.91109","published_at":"2026-04-18T12:55:00Z"},{"value":"0.07645","scoring_system":"epss","scoring_elements":"0.91855","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07645","scoring_system":"epss","scoring_elements":"0.91862","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07645","scoring_system":"epss","scoring_elements":"0.91847","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28021"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3z7r-efh2-tyf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56931?format=json","vulnerability_id":"VCID-55h7-dczu-rfhe","summary":"Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42115.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42115.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42115","reference_id":"","reference_type":"","scores":[{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98712","published_at":"2026-05-05T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98701","published_at":"2026-04-21T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98705","published_at":"2026-04-24T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98707","published_at":"2026-04-26T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98708","published_at":"2026-04-29T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98691","published_at":"2026-04-07T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98692","published_at":"2026-04-08T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98693","published_at":"2026-04-09T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98695","published_at":"2026-04-11T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98696","published_at":"2026-04-12T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.98697","published_at":"2026-04-13T12:55:00Z"},{"value":"0.70686","scoring_system":"epss","scoring_elements":"0.987","published_at":"2026-04-16T12:55:00Z"},{"value":"0.72904","scoring_system":"epss","scoring_elements":"0.98772","published_at":"2026-04-04T12:55:00Z"},{"value":"0.72904","scoring_system":"epss","scoring_elements":"0.98769","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241525","reference_id":"2241525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241525"},{"reference_url":"https://security.gentoo.org/glsa/202402-18","reference_id":"GLSA-202402-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-18"},{"reference_url":"https://usn.ubuntu.com/6411-1/","reference_id":"USN-6411-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6411-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1469/","reference_id":"ZDI-23-1469","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-09-20T19:32:20Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1469/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583814?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583815?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583816?format=json","purl":"pkg:deb/debian/exim4@4.97~RC1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-42115"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-55h7-dczu-rfhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57178?format=json","vulnerability_id":"VCID-56xq-sgry-2uhd","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6789.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6789","reference_id":"","reference_type":"","scores":[{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99415","published_at":"2026-05-05T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99404","published_at":"2026-04-01T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99403","published_at":"2026-04-02T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99405","published_at":"2026-04-04T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99406","published_at":"2026-04-07T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99407","published_at":"2026-04-08T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99408","published_at":"2026-04-09T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99409","published_at":"2026-04-11T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.9941","published_at":"2026-04-12T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99411","published_at":"2026-04-13T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99414","published_at":"2026-04-16T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99412","published_at":"2026-04-18T12:55:00Z"},{"value":"0.86439","scoring_system":"epss","scoring_elements":"0.99413","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6789"},{"reference_url":"http://www.securityfocus.com/bid/103049","reference_id":"103049","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"http://www.securityfocus.com/bid/103049"},{"reference_url":"http://www.securitytracker.com/id/1040461","reference_id":"1040461","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"http://www.securitytracker.com/id/1040461"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1543268","reference_id":"1543268","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1543268"},{"reference_url":"http://openwall.com/lists/oss-security/2018/02/10/2","reference_id":"2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"http://openwall.com/lists/oss-security/2018/02/10/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2018/02/07/2","reference_id":"2","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"http://www.openwall.com/lists/oss-security/2018/02/07/2"},{"reference_url":"https://www.exploit-db.com/exploits/44571/","reference_id":"44571","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"https://www.exploit-db.com/exploits/44571/"},{"reference_url":"https://www.exploit-db.com/exploits/45671/","reference_id":"45671","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"https://www.exploit-db.com/exploits/45671/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890000","reference_id":"890000","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890000"},{"reference_url":"https://security.archlinux.org/ASA-201802-6","reference_id":"ASA-201802-6","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201802-6"},{"reference_url":"https://security.archlinux.org/AVG-608","reference_id":"AVG-608","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-608"},{"reference_url":"https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1","reference_id":"cf3cd306062a08969c41a1cdd32c6855f1abecf1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"https://git.exim.org/exim.git/commit/cf3cd306062a08969c41a1cdd32c6855f1abecf1"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/44571.py","reference_id":"CVE-2018-6789","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/44571.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45671.py","reference_id":"CVE-2018-6789","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/45671.py"},{"reference_url":"https://medium.com/@straightblast426/my-poc-walk-through-for-cve-2018-6789-2e402e4ff588","reference_id":"CVE-2018-6789","reference_type":"exploit","scores":[],"url":"https://medium.com/@straightblast426/my-poc-walk-through-for-cve-2018-6789-2e402e4ff588"},{"reference_url":"https://exim.org/static/doc/security/CVE-2018-6789.txt","reference_id":"CVE-2018-6789.txt","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"https://exim.org/static/doc/security/CVE-2018-6789.txt"},{"reference_url":"https://www.debian.org/security/2018/dsa-4110","reference_id":"dsa-4110","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"https://www.debian.org/security/2018/dsa-4110"},{"reference_url":"http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html","reference_id":"Exim-base64d-Buffer-Overflow.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"http://packetstormsecurity.com/files/162959/Exim-base64d-Buffer-Overflow.html"},{"reference_url":"https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/","reference_id":"exim-off-by-one-RCE-exploiting-CVE-2018-6789-en","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"https://devco.re/blog/2018/03/06/exim-off-by-one-RCE-exploiting-CVE-2018-6789-en/"},{"reference_url":"https://security.gentoo.org/glsa/201803-01","reference_id":"GLSA-201803-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-01"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/02/msg00009.html","reference_id":"msg00009.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/02/msg00009.html"},{"reference_url":"https://usn.ubuntu.com/3565-1/","reference_id":"USN-3565-1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T14:03:40Z/"}],"url":"https://usn.ubuntu.com/3565-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585404?format=json","purl":"pkg:deb/debian/exim4@4.90.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.90.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2018-6789"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-56xq-sgry-2uhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56936?format=json","vulnerability_id":"VCID-5e2k-ure4-wfdf","summary":"Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42117.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42117","reference_id":"","reference_type":"","scores":[{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91671","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91736","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91725","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91723","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91677","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91686","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91698","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91705","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91709","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91711","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91707","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91728","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91721","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0735","scoring_system":"epss","scoring_elements":"0.91722","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42117"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241531","reference_id":"2241531","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241531"},{"reference_url":"https://security.gentoo.org/glsa/202402-18","reference_id":"GLSA-202402-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-18"},{"reference_url":"https://usn.ubuntu.com/6455-1/","reference_id":"USN-6455-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6455-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1471/","reference_id":"ZDI-23-1471","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-03T16:58:53Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1471/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585684?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585685?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585686?format=json","purl":"pkg:deb/debian/exim4@4.97~RC2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-42117"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5e2k-ure4-wfdf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91182?format=json","vulnerability_id":"VCID-5q8s-xzfq-mfa8","summary":"Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0400","reference_id":"","reference_type":"","scores":[{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.90971","published_at":"2026-04-01T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.90977","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.90986","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.90997","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91009","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91014","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91023","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91047","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91046","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91048","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91061","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91059","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.91054","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06391","scoring_system":"epss","scoring_elements":"0.9107","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0400"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586250?format=json","purl":"pkg:deb/debian/exim4@4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0400"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5q8s-xzfq-mfa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50401?format=json","vulnerability_id":"VCID-5vks-gjgj-euhp","summary":"Multiple vulnerabilities were found in Exim, the worst of which\n    leading to remote execution of arbitrary code with root privileges.","references":[{"reference_url":"http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html"},{"reference_url":"http://bugs.exim.org/show_bug.cgi?id=988","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.exim.org/show_bug.cgi?id=988"},{"reference_url":"http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2023.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2023.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2023","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25432","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25467","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.2524","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25308","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25353","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25365","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25363","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45772","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45712","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45609","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45839","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45842","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45895","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45888","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45834","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0023","scoring_system":"epss","scoring_elements":"0.45762","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2023"},{"reference_url":"http://secunia.com/advisories/40019","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40019"},{"reference_url":"http://secunia.com/advisories/40123","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40123"},{"reference_url":"http://secunia.com/advisories/43243","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43243"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/59043","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/59043"},{"reference_url":"http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2","reference_id":"","reference_type":"","scores":[],"url":"http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2"},{"reference_url":"http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24&r2=1.25","reference_id":"","reference_type":"","scores":[],"url":"http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.24&r2=1.25"},{"reference_url":"http://www.securityfocus.com/archive/1/511653/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/511653/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/40451","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40451"},{"reference_url":"http://www.ubuntu.com/usn/USN-1060-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1060-1"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1402","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/1402"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0364","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0364"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=600093","reference_id":"600093","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=600093"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2023","reference_id":"CVE-2010-2023","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2023"},{"reference_url":"https://security.gentoo.org/glsa/201401-32","reference_id":"GLSA-201401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-32"},{"reference_url":"https://usn.ubuntu.com/1060-1/","reference_id":"USN-1060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584672?format=json","purl":"pkg:deb/debian/exim4@4.72-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.72-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2010-2023"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5vks-gjgj-euhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45527?format=json","vulnerability_id":"VCID-69es-qatu-uub2","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28023","reference_id":"","reference_type":"","scores":[{"value":"0.03499","scoring_system":"epss","scoring_elements":"0.87572","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03499","scoring_system":"epss","scoring_elements":"0.87549","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03499","scoring_system":"epss","scoring_elements":"0.87558","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88068","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88079","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88071","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88072","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88086","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88083","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88101","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88106","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88105","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88116","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88043","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03787","scoring_system":"epss","scoring_elements":"0.88063","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28023"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69es-qatu-uub2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95201?format=json","vulnerability_id":"VCID-6dwr-t9kn-2yfn","summary":"A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3559","reference_id":"","reference_type":"","scores":[{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71127","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71037","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71052","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71075","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.7106","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71042","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71089","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71096","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71076","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71133","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71141","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71145","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.71002","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.7102","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00658","scoring_system":"epss","scoring_elements":"0.70994","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3559"},{"reference_url":"https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2","reference_id":"4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/"}],"url":"https://git.exim.org/exim.git/commit/4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/","reference_id":"EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/"},{"reference_url":"https://vuldb.com/?id.211073","reference_id":"?id.211073","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/"}],"url":"https://vuldb.com/?id.211073"},{"reference_url":"https://bugs.exim.org/show_bug.cgi?id=2915","reference_id":"show_bug.cgi?id=2915","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/"}],"url":"https://bugs.exim.org/show_bug.cgi?id=2915"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP/","reference_id":"TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TMQ6OCKPNPBPSD37YR4FOWV2R54M2UEP/"},{"reference_url":"https://usn.ubuntu.com/5741-1/","reference_id":"USN-5741-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5741-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR/","reference_id":"WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:41Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFHLZVHNNO2GWYP5EA4TZQZ5O4GVPARR/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585684?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586842?format=json","purl":"pkg:deb/debian/exim4@4.96-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3559"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6dwr-t9kn-2yfn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45520?format=json","vulnerability_id":"VCID-7vuu-yzmu-duew","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28017","reference_id":"","reference_type":"","scores":[{"value":"0.03214","scoring_system":"epss","scoring_elements":"0.87041","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03214","scoring_system":"epss","scoring_elements":"0.87035","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03214","scoring_system":"epss","scoring_elements":"0.87052","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03214","scoring_system":"epss","scoring_elements":"0.87056","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03214","scoring_system":"epss","scoring_elements":"0.87005","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03214","scoring_system":"epss","scoring_elements":"0.87025","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03214","scoring_system":"epss","scoring_elements":"0.87033","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03214","scoring_system":"epss","scoring_elements":"0.87046","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0344","scoring_system":"epss","scoring_elements":"0.87432","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0344","scoring_system":"epss","scoring_elements":"0.87441","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0344","scoring_system":"epss","scoring_elements":"0.87455","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03683","scoring_system":"epss","scoring_elements":"0.87939","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03683","scoring_system":"epss","scoring_elements":"0.87955","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03683","scoring_system":"epss","scoring_elements":"0.87962","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03683","scoring_system":"epss","scoring_elements":"0.87973","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28017"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7vuu-yzmu-duew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45530?format=json","vulnerability_id":"VCID-838e-pk6w-t3by","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28025","reference_id":"","reference_type":"","scores":[{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.81992","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82004","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01659","scoring_system":"epss","scoring_elements":"0.82026","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82774","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82791","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82786","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82782","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82821","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8282","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82823","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82846","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82855","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.8286","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82879","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82742","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01799","scoring_system":"epss","scoring_elements":"0.82768","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28025"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-838e-pk6w-t3by"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79157?format=json","vulnerability_id":"VCID-85d7-xwsd-u7hf","summary":"Exim: Exim before 4.96 has an invalid free in pam_converse","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37451.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37451.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37451","reference_id":"","reference_type":"","scores":[{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90721","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90742","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90748","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90757","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90756","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90753","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90772","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90769","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90768","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90779","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.9078","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90774","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06068","scoring_system":"epss","scoring_elements":"0.90792","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37451"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2119782","reference_id":"2119782","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2119782"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584056?format=json","purl":"pkg:deb/debian/exim4@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585727?format=json","purl":"pkg:deb/debian/exim4@4.95-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.95-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-37451"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-85d7-xwsd-u7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/82810?format=json","vulnerability_id":"VCID-85sn-frqr-wqc1","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9963.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9963.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9963","reference_id":"","reference_type":"","scores":[{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82098","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.8211","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82131","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82126","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82153","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.8216","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82179","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.8217","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82165","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82203","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82204","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82226","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82237","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.8224","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01678","scoring_system":"epss","scoring_elements":"0.82256","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9963"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9963","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9963"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1405322","reference_id":"1405322","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1405322"},{"reference_url":"https://security.archlinux.org/AVG-153","reference_id":"AVG-153","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-153"},{"reference_url":"https://usn.ubuntu.com/3164-1/","reference_id":"USN-3164-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3164-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586549?format=json","purl":"pkg:deb/debian/exim4@4.88~RC6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.88~RC6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-9963"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-85sn-frqr-wqc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50404?format=json","vulnerability_id":"VCID-879s-a42x-bqhu","summary":"Multiple vulnerabilities were found in Exim, the worst of which\n    leading to remote execution of arbitrary code with root privileges.","references":[{"reference_url":"http://bugs.exim.org/show_bug.cgi?id=1044","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://bugs.exim.org/show_bug.cgi?id=1044"},{"reference_url":"http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://lists.exim.org/lurker/message/20101209.172233.abcba158.en.html"},{"reference_url":"http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"},{"reference_url":"http://openwall.com/lists/oss-security/2010/12/10/1","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://openwall.com/lists/oss-security/2010/12/10/1"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4345.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4345.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4345","reference_id":"","reference_type":"","scores":[{"value":"0.04024","scoring_system":"epss","scoring_elements":"0.88425","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04024","scoring_system":"epss","scoring_elements":"0.8844","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04024","scoring_system":"epss","scoring_elements":"0.88433","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05133","scoring_system":"epss","scoring_elements":"0.89876","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05133","scoring_system":"epss","scoring_elements":"0.89864","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05133","scoring_system":"epss","scoring_elements":"0.89847","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05133","scoring_system":"epss","scoring_elements":"0.8987","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05133","scoring_system":"epss","scoring_elements":"0.89868","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05133","scoring_system":"epss","scoring_elements":"0.89882","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05133","scoring_system":"epss","scoring_elements":"0.89881","published_at":"2026-04-16T12:55:00Z"},{"value":"0.05133","scoring_system":"epss","scoring_elements":"0.89874","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06001","scoring_system":"epss","scoring_elements":"0.90705","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06856","scoring_system":"epss","scoring_elements":"0.91413","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06856","scoring_system":"epss","scoring_elements":"0.91402","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06856","scoring_system":"epss","scoring_elements":"0.914","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06856","scoring_system":"epss","scoring_elements":"0.91399","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4345"},{"reference_url":"http://secunia.com/advisories/42576","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://secunia.com/advisories/42576"},{"reference_url":"http://secunia.com/advisories/42930","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://secunia.com/advisories/42930"},{"reference_url":"http://secunia.com/advisories/43128","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://secunia.com/advisories/43128"},{"reference_url":"http://secunia.com/advisories/43243","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://secunia.com/advisories/43243"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4345","reference_id":"","reference_type":"","scores":[],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4345"},{"reference_url":"http://www.cpanel.net/2010/12/critical-exim-security-update.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.cpanel.net/2010/12/critical-exim-security-update.html"},{"reference_url":"http://www.debian.org/security/2010/dsa-2131","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.debian.org/security/2010/dsa-2131"},{"reference_url":"http://www.debian.org/security/2011/dsa-2154","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.debian.org/security/2011/dsa-2154"},{"reference_url":"http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"},{"reference_url":"http://www.kb.cert.org/vuls/id/758489","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.kb.cert.org/vuls/id/758489"},{"reference_url":"http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/04/7","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/05/04/7"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0153.html","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2011-0153.html"},{"reference_url":"http://www.securityfocus.com/archive/1/515172/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.securityfocus.com/archive/1/515172/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/45341","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.securityfocus.com/bid/45341"},{"reference_url":"http://www.securitytracker.com/id?1024859","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.securitytracker.com/id?1024859"},{"reference_url":"http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"},{"reference_url":"http://www.ubuntu.com/usn/USN-1060-1","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.ubuntu.com/usn/USN-1060-1"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3171","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3171"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3204","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3204"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0135","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.vupen.com/english/advisories/2011/0135"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0245","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.vupen.com/english/advisories/2011/0245"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0364","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"http://www.vupen.com/english/advisories/2011/0364"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606527","reference_id":"606527","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606527"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=662012","reference_id":"662012","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:24:14Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=662012"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4345","reference_id":"CVE-2010-4345","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4345"},{"reference_url":"https://security.gentoo.org/glsa/201401-32","reference_id":"GLSA-201401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0153","reference_id":"RHSA-2011:0153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0153"},{"reference_url":"https://usn.ubuntu.com/1060-1/","reference_id":"USN-1060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586618?format=json","purl":"pkg:deb/debian/exim4@4.72-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.72-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2010-4345"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-879s-a42x-bqhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45517?format=json","vulnerability_id":"VCID-87un-11ea-myhg","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28014","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3727","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37737","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37498","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37477","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37387","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37752","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37803","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37815","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.3783","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37794","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37769","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37817","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37798","published_at":"2026-04-18T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42091","published_at":"2026-04-02T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42119","published_at":"2026-04-04T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.4203","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28014"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87un-11ea-myhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95233?format=json","vulnerability_id":"VCID-92ug-3eae-tydc","summary":"Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37452","reference_id":"","reference_type":"","scores":[{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89315","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89328","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.8933","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89347","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89351","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.8936","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89357","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89353","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89367","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89364","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89382","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89386","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89389","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04696","scoring_system":"epss","scoring_elements":"0.89398","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-37452"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37452","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37452"},{"reference_url":"https://usn.ubuntu.com/5574-1/","reference_id":"USN-5574-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5574-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586540?format=json","purl":"pkg:deb/debian/exim4@4.94.2-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-37452"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92ug-3eae-tydc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45510?format=json","vulnerability_id":"VCID-avxe-yhcq-wudx","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28007","reference_id":"","reference_type":"","scores":[{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38545","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38988","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38779","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38756","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.38668","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.39023","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.39075","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.39091","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.39103","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.39066","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.39046","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.39101","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00175","scoring_system":"epss","scoring_elements":"0.39072","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43572","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.43599","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00211","scoring_system":"epss","scoring_elements":"0.4351","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28007"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-avxe-yhcq-wudx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89317?format=json","vulnerability_id":"VCID-awpv-dmgg-abef","summary":"security flaw","references":[{"reference_url":"http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44","reference_id":"","reference_type":"","scores":[],"url":"http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44"},{"reference_url":"http://marc.info/?l=bugtraq&m=110824870908614&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=110824870908614&w=2"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0022.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0022.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0022","reference_id":"","reference_type":"","scores":[{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80877","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80723","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80732","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80753","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.8075","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80778","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80787","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80803","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80788","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80779","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80816","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80819","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.8082","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80843","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.80848","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01451","scoring_system":"epss","scoring_elements":"0.8086","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0022"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200501-23.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200501-23.xml"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11293","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11293"},{"reference_url":"http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html"},{"reference_url":"http://www.idefense.com/application/poi/display?id=178&type=vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://www.idefense.com/application/poi/display?id=178&type=vulnerabilities"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-025.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-025.html"},{"reference_url":"http://www.securityfocus.com/bid/12188","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/12188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617440","reference_id":"1617440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617440"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0022","reference_id":"CVE-2005-0022","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:025","reference_id":"RHSA-2005:025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:025"},{"reference_url":"https://usn.ubuntu.com/56-1/","reference_id":"USN-56-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/56-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584854?format=json","purl":"pkg:deb/debian/exim4@4.34-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.34-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0022"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-awpv-dmgg-abef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50402?format=json","vulnerability_id":"VCID-bdkr-87xb-4yf8","summary":"Multiple vulnerabilities were found in Exim, the worst of which\n    leading to remote execution of arbitrary code with root privileges.","references":[{"reference_url":"http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html","reference_id":"","reference_type":"","scores":[],"url":"http://archives.neohapsis.com/archives/fulldisclosure/2010-06/0079.html"},{"reference_url":"http://bugs.exim.org/show_bug.cgi?id=989","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.exim.org/show_bug.cgi?id=989"},{"reference_url":"http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.exim.org/lurker/message/20100524.175925.9a69f755.en.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042587.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042613.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2024.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2024.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2024","reference_id":"","reference_type":"","scores":[{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20901","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20961","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20752","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20813","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20831","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20753","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38546","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38458","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38339","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38819","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38791","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38837","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38815","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38735","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.3857","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2024"},{"reference_url":"http://secunia.com/advisories/40019","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40019"},{"reference_url":"http://secunia.com/advisories/40123","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/40123"},{"reference_url":"http://secunia.com/advisories/43243","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43243"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/59042","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/59042"},{"reference_url":"http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2","reference_id":"","reference_type":"","scores":[],"url":"http://vcs.exim.org/viewvc/exim/exim-doc/doc-txt/ChangeLog?view=markup&pathrev=exim-4_72_RC2"},{"reference_url":"http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26","reference_id":"","reference_type":"","scores":[],"url":"http://vcs.exim.org/viewvc/exim/exim-src/src/transports/appendfile.c?r1=1.25&r2=1.26"},{"reference_url":"http://www.securityfocus.com/archive/1/511653/100/0/threaded","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/archive/1/511653/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/40454","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/40454"},{"reference_url":"http://www.ubuntu.com/usn/USN-1060-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1060-1"},{"reference_url":"http://www.vupen.com/english/advisories/2010/1402","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2010/1402"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0364","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0364"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=600097","reference_id":"600097","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=600097"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2024","reference_id":"CVE-2010-2024","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-2024"},{"reference_url":"https://security.gentoo.org/glsa/201401-32","reference_id":"GLSA-201401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-32"},{"reference_url":"https://usn.ubuntu.com/1060-1/","reference_id":"USN-1060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584672?format=json","purl":"pkg:deb/debian/exim4@4.72-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.72-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2010-2024"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bdkr-87xb-4yf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56210?format=json","vulnerability_id":"VCID-bgxc-8scn-z7e8","summary":"A vulnerability in Exim could allow a remote attacker to execute\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16928.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16928.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16928","reference_id":"","reference_type":"","scores":[{"value":"0.89816","scoring_system":"epss","scoring_elements":"0.99569","published_at":"2026-04-13T12:55:00Z"},{"value":"0.89905","scoring_system":"epss","scoring_elements":"0.99571","published_at":"2026-04-01T12:55:00Z"},{"value":"0.89905","scoring_system":"epss","scoring_elements":"0.99572","published_at":"2026-04-04T12:55:00Z"},{"value":"0.89905","scoring_system":"epss","scoring_elements":"0.99574","published_at":"2026-04-09T12:55:00Z"},{"value":"0.89905","scoring_system":"epss","scoring_elements":"0.9957","published_at":"2026-04-02T12:55:00Z"},{"value":"0.89905","scoring_system":"epss","scoring_elements":"0.99573","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90019","scoring_system":"epss","scoring_elements":"0.99588","published_at":"2026-05-05T12:55:00Z"},{"value":"0.90019","scoring_system":"epss","scoring_elements":"0.99582","published_at":"2026-04-16T12:55:00Z"},{"value":"0.90019","scoring_system":"epss","scoring_elements":"0.99583","published_at":"2026-04-18T12:55:00Z"},{"value":"0.90019","scoring_system":"epss","scoring_elements":"0.99584","published_at":"2026-04-21T12:55:00Z"},{"value":"0.90019","scoring_system":"epss","scoring_elements":"0.99585","published_at":"2026-04-26T12:55:00Z"},{"value":"0.90019","scoring_system":"epss","scoring_elements":"0.99586","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-16928"},{"reference_url":"https://bugs.exim.org/show_bug.cgi?id=2449","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://bugs.exim.org/show_bug.cgi?id=2449"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16928","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16928"},{"reference_url":"https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f"},{"reference_url":"https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EED7HM3MFIBAP5OIMJAFJ35JAJABTVSC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T3TJW4HPYH3O5HZCWGD6NSHTEBTTAPDC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UY6HPRW7MR3KBQ5JFHH6OXM7YCZBJCOB/"},{"reference_url":"https://seclists.org/bugtraq/2019/Sep/60","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://seclists.org/bugtraq/2019/Sep/60"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16928","reference_id":"","reference_type":"","scores":[],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2019-16928"},{"reference_url":"https://www.debian.org/security/2019/dsa-4536","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://www.debian.org/security/2019/dsa-4536"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/28/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/09/28/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/28/2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/09/28/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/28/3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/09/28/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/09/28/4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/09/28/4"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1756930","reference_id":"1756930","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1756930"},{"reference_url":"https://security.archlinux.org/ASA-201910-1","reference_id":"ASA-201910-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201910-1"},{"reference_url":"https://security.archlinux.org/AVG-1038","reference_id":"AVG-1038","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1038"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16928","reference_id":"CVE-2019-16928","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-16928"},{"reference_url":"https://security.gentoo.org/glsa/202003-47","reference_id":"GLSA-202003-47","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://security.gentoo.org/glsa/202003-47"},{"reference_url":"https://usn.ubuntu.com/4141-1/","reference_id":"USN-4141-1","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-04T20:03:35Z/"}],"url":"https://usn.ubuntu.com/4141-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585582?format=json","purl":"pkg:deb/debian/exim4@4.92.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92.2-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-16928"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgxc-8scn-z7e8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45515?format=json","vulnerability_id":"VCID-bz4v-p82a-skgk","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28012","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34597","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35068","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34836","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34818","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34725","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35077","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35122","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35147","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35152","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35117","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35093","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35131","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39211","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39003","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28012"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bz4v-p82a-skgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57176?format=json","vulnerability_id":"VCID-c9g9-ufem-9bgr","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2017/11/25/1","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2017/11/25/1"},{"reference_url":"http://openwall.com/lists/oss-security/2017/11/25/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2017/11/25/2"},{"reference_url":"http://openwall.com/lists/oss-security/2017/11/25/3","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2017/11/25/3"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16943.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16943.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16943","reference_id":"","reference_type":"","scores":[{"value":"0.745","scoring_system":"epss","scoring_elements":"0.98841","published_at":"2026-04-04T12:55:00Z"},{"value":"0.745","scoring_system":"epss","scoring_elements":"0.98838","published_at":"2026-04-01T12:55:00Z"},{"value":"0.745","scoring_system":"epss","scoring_elements":"0.98844","published_at":"2026-04-08T12:55:00Z"},{"value":"0.745","scoring_system":"epss","scoring_elements":"0.98843","published_at":"2026-04-07T12:55:00Z"},{"value":"0.745","scoring_system":"epss","scoring_elements":"0.98839","published_at":"2026-04-02T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.98975","published_at":"2026-05-05T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.98967","published_at":"2026-04-24T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.98968","published_at":"2026-04-26T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.9897","published_at":"2026-04-29T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.98956","published_at":"2026-04-09T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.98957","published_at":"2026-04-11T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.98958","published_at":"2026-04-13T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.9896","published_at":"2026-04-16T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.98961","published_at":"2026-04-18T12:55:00Z"},{"value":"0.76925","scoring_system":"epss","scoring_elements":"0.98963","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16943"},{"reference_url":"https://bugs.exim.org/show_bug.cgi?id=2199","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.exim.org/show_bug.cgi?id=2199"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944"},{"reference_url":"https://git.exim.org/exim.git/commit/4090d62a4b25782129cc1643596dc2f6e8f63bde","reference_id":"","reference_type":"","scores":[],"url":"https://git.exim.org/exim.git/commit/4090d62a4b25782129cc1643596dc2f6e8f63bde"},{"reference_url":"https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4","reference_id":"","reference_type":"","scores":[],"url":"https://git.exim.org/exim.git/commitdiff/4e6ae6235c68de243b1c2419027472d7659aa2b4"},{"reference_url":"https://github.com/LetUsFsck/PoC-Exploit-Mirror/tree/master/CVE-2017-16944","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/LetUsFsck/PoC-Exploit-Mirror/tree/master/CVE-2017-16944"},{"reference_url":"https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4053","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4053"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2021/05/04/7"},{"reference_url":"http://www.securitytracker.com/id/1039872","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039872"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1517680","reference_id":"1517680","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1517680"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882648","reference_id":"882648","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882648"},{"reference_url":"https://security.archlinux.org/ASA-201711-32","reference_id":"ASA-201711-32","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-32"},{"reference_url":"https://security.archlinux.org/AVG-518","reference_id":"AVG-518","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-518"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:-:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16943","reference_id":"CVE-2017-16943","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16943"},{"reference_url":"https://security.gentoo.org/glsa/201803-01","reference_id":"GLSA-201803-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-01"},{"reference_url":"https://usn.ubuntu.com/3493-1/","reference_id":"USN-3493-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3493-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583711?format=json","purl":"pkg:deb/debian/exim4@4.89-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-16943"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c9g9-ufem-9bgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45514?format=json","vulnerability_id":"VCID-caau-2ury-hbbs","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28011","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35376","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35838","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.3561","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35579","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35492","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35846","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35897","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35919","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35925","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35884","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.3586","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.359","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35887","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.4003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40056","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39882","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28011"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-caau-2ury-hbbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91181?format=json","vulnerability_id":"VCID-d8va-5pph-7yb5","summary":"Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0399","reference_id":"","reference_type":"","scores":[{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97414","published_at":"2026-04-01T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.9742","published_at":"2026-04-02T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97424","published_at":"2026-04-04T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97426","published_at":"2026-04-07T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97433","published_at":"2026-04-08T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97434","published_at":"2026-04-09T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97436","published_at":"2026-04-11T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97438","published_at":"2026-04-12T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97439","published_at":"2026-04-13T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97447","published_at":"2026-04-16T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97451","published_at":"2026-04-21T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.9745","published_at":"2026-04-24T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97452","published_at":"2026-04-26T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97454","published_at":"2026-04-29T12:55:00Z"},{"value":"0.42079","scoring_system":"epss","scoring_elements":"0.97457","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0399"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0399","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0399"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24093.c","reference_id":"CVE-2004-0399;OSVDB-5896","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24093.c"},{"reference_url":"https://www.securityfocus.com/bid/10290/info","reference_id":"CVE-2004-0399;OSVDB-5896","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/10290/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586250?format=json","purl":"pkg:deb/debian/exim4@4.33-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.33-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2004-0399"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d8va-5pph-7yb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50406?format=json","vulnerability_id":"VCID-e844-g11f-f7fd","summary":"Multiple vulnerabilities were found in Exim, the worst of which\n    leading to remote execution of arbitrary code with root privileges.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1407.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1407.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1407","reference_id":"","reference_type":"","scores":[{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72436","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72312","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72318","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72336","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72313","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72352","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72364","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72387","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.7237","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72358","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72399","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72408","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72396","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72438","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72448","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00715","scoring_system":"epss","scoring_elements":"0.72444","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1407"},{"reference_url":"https://lists.exim.org/lurker/message/20110509.091632.daed0206.en.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.exim.org/lurker/message/20110509.091632.daed0206.en.html"},{"reference_url":"https://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.exim.org/lurker/message/20110512.102909.8136175a.en.html"},{"reference_url":"http://www.debian.org/security/2011/dsa-2236","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2011/dsa-2236"},{"reference_url":"http://www.securityfocus.com/bid/47836","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/47836"},{"reference_url":"http://www.ubuntu.com/usn/USN-1135-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1135-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=705446","reference_id":"705446","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=705446"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1407","reference_id":"CVE-2011-1407","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-1407"},{"reference_url":"https://security.gentoo.org/glsa/201401-32","reference_id":"GLSA-201401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-32"},{"reference_url":"https://usn.ubuntu.com/1135-1/","reference_id":"USN-1135-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1135-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585186?format=json","purl":"pkg:deb/debian/exim4@4.76-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.76-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2011-1407"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e844-g11f-f7fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56934?format=json","vulnerability_id":"VCID-f998-369d-r3ds","summary":"Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42116.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42116","reference_id":"","reference_type":"","scores":[{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91234","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91328","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91316","published_at":"2026-04-26T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91314","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91243","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.9125","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91263","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.9127","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91277","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.9128","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91279","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91304","published_at":"2026-04-18T12:55:00Z"},{"value":"0.06734","scoring_system":"epss","scoring_elements":"0.91306","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241528","reference_id":"2241528","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241528"},{"reference_url":"https://security.gentoo.org/glsa/202402-18","reference_id":"GLSA-202402-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-18"},{"reference_url":"https://usn.ubuntu.com/6411-1/","reference_id":"USN-6411-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6411-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1470/","reference_id":"ZDI-23-1470","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-05T15:02:42Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1470/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583814?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583815?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583816?format=json","purl":"pkg:deb/debian/exim4@4.97~RC1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-42116"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f998-369d-r3ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91044?format=json","vulnerability_id":"VCID-fndg-t3tw-mqef","summary":"Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1381","reference_id":"","reference_type":"","scores":[{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86634","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86645","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86665","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86664","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86683","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86692","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86706","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86703","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86696","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86709","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86715","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86727","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86735","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03052","scoring_system":"epss","scoring_elements":"0.86756","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1381"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22066.c","reference_id":"CVE-2002-1381;OSVDB-10360","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22066.c"},{"reference_url":"https://www.securityfocus.com/bid/6314/info","reference_id":"CVE-2002-1381;OSVDB-10360","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/6314/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586914?format=json","purl":"pkg:deb/debian/exim4@4.11-0.0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.11-0.0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2002-1381"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fndg-t3tw-mqef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355417?format=json","vulnerability_id":"VCID-gdsh-48ys-33ew","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40684","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.16819","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40684"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40684","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40684"},{"reference_url":"https://www.openwall.com/lists/oss-security/2026/04/30/21","reference_id":"21","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:25:46Z/"}],"url":"https://www.openwall.com/lists/oss-security/2026/04/30/21"},{"reference_url":"https://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81","reference_id":"628bbaca7672748d941a12e7cd5f0122a4e18c81","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:25:46Z/"}],"url":"https://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81"},{"reference_url":"https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessment","reference_id":"CVE2026-40684.assessment","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:25:46Z/"}],"url":"https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40684.assessment"},{"reference_url":"https://exim.org/static/doc/security/CVE-2026-40684.txt","reference_id":"CVE-2026-40684.txt","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:25:46Z/"}],"url":"https://exim.org/static/doc/security/CVE-2026-40684.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-40684"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gdsh-48ys-33ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/331170?format=json","vulnerability_id":"VCID-h3v8-dkfk-2bfr","summary":"A UNIX Symbolic Link (Symlink) Following vulnerability in logrotate config in the exim package allowed privilege escalation from mail user/group to root.This issue affects Tumbleweed: from ? before 4.98.2-lp156.248.1.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53881","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07362","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07349","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07477","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07436","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07426","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07406","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0739","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07445","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07468","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07461","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07447","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07437","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07363","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08028","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.07997","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-53881"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53881","reference_id":"show_bug.cgi?id=CVE-2025-53881","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-02T17:15:08Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53881"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584056?format=json","purl":"pkg:deb/debian/exim4@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-53881"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h3v8-dkfk-2bfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355418?format=json","vulnerability_id":"VCID-huhp-241r-jbf6","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40685","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16536","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40685"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40685","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40685"},{"reference_url":"https://www.openwall.com/lists/oss-security/2026/04/30/21","reference_id":"21","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:26:30Z/"}],"url":"https://www.openwall.com/lists/oss-security/2026/04/30/21"},{"reference_url":"https://code.exim.org/exim/exim/commit/9fdc057e71b87c87a0d3d2288b2810a0efaaba57","reference_id":"9fdc057e71b87c87a0d3d2288b2810a0efaaba57","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:26:30Z/"}],"url":"https://code.exim.org/exim/exim/commit/9fdc057e71b87c87a0d3d2288b2810a0efaaba57"},{"reference_url":"https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40685.assessment","reference_id":"CVE2026-40685.assessment","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:26:30Z/"}],"url":"https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40685.assessment"},{"reference_url":"https://exim.org/static/doc/security/CVE-2026-40685.txt","reference_id":"CVE-2026-40685.txt","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:26:30Z/"}],"url":"https://exim.org/static/doc/security/CVE-2026-40685.txt"},{"reference_url":"https://usn.ubuntu.com/8228-1/","reference_id":"USN-8228-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8228-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-40685"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-huhp-241r-jbf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355419?format=json","vulnerability_id":"VCID-hy1a-tah2-27gq","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40686","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0866","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40686"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40686","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40686"},{"reference_url":"https://www.openwall.com/lists/oss-security/2026/04/30/21","reference_id":"21","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:27:01Z/"}],"url":"https://www.openwall.com/lists/oss-security/2026/04/30/21"},{"reference_url":"https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40686.assessment","reference_id":"CVE2026-40686.assessment","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:27:01Z/"}],"url":"https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40686.assessment"},{"reference_url":"https://exim.org/static/doc/security/CVE-2026-40686.txt","reference_id":"CVE-2026-40686.txt","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:27:01Z/"}],"url":"https://exim.org/static/doc/security/CVE-2026-40686.txt"},{"reference_url":"https://code.exim.org/exim/exim/commit/f2570bde16fb4d4a1242ff363a4c4eecf6372efc","reference_id":"f2570bde16fb4d4a1242ff363a4c4eecf6372efc","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:27:01Z/"}],"url":"https://code.exim.org/exim/exim/commit/f2570bde16fb4d4a1242ff363a4c4eecf6372efc"},{"reference_url":"https://usn.ubuntu.com/8228-1/","reference_id":"USN-8228-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8228-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-40686"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hy1a-tah2-27gq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97774?format=json","vulnerability_id":"VCID-j9ru-hveg-jke3","summary":"A use-after-free in Exim 4.96 through 4.98.1 could allow users (with command-line access) to escalate privileges.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30232","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09383","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09235","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09299","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09337","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09284","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09202","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09278","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09322","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09331","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09303","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0929","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09182","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0918","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09332","published_at":"2026-04-21T12:55:00Z"},{"value":"0.001","scoring_system":"epss","scoring_elements":"0.27197","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-30232"},{"reference_url":"https://security.archlinux.org/ASA-202503-1","reference_id":"ASA-202503-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202503-1"},{"reference_url":"https://security.archlinux.org/AVG-2859","reference_id":"AVG-2859","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2859"},{"reference_url":"https://www.exim.org/static/doc/security/CVE-2025-30232.txt","reference_id":"CVE-2025-30232.txt","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-28T14:37:01Z/"}],"url":"https://www.exim.org/static/doc/security/CVE-2025-30232.txt"},{"reference_url":"https://usn.ubuntu.com/7373-1/","reference_id":"USN-7373-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7373-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584056?format=json","purl":"pkg:deb/debian/exim4@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585929?format=json","purl":"pkg:deb/debian/exim4@4.98.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-30232"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j9ru-hveg-jke3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66050?format=json","vulnerability_id":"VCID-kh8n-3nvr-quhj","summary":"exim: Exim: Remote heap corruption vulnerability","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67896.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-67896.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67896","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25091","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25017","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25129","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24904","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24973","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25031","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24991","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24937","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29743","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29619","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29443","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29297","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29765","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00112","scoring_system":"epss","scoring_elements":"0.29699","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-67896"},{"reference_url":"https://www.openwall.com/lists/oss-security/2025/12/11/2","reference_id":"2","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T21:27:33Z/"}],"url":"https://www.openwall.com/lists/oss-security/2025/12/11/2"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422034","reference_id":"2422034","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2422034"},{"reference_url":"https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt","reference_id":"report.txt","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T21:27:33Z/"}],"url":"https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt"},{"reference_url":"https://exim.org/static/doc/security/","reference_id":"security","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-15T21:27:33Z/"}],"url":"https://exim.org/static/doc/security/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584056?format=json","purl":"pkg:deb/debian/exim4@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584057?format=json","purl":"pkg:deb/debian/exim4@4.99-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-67896"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kh8n-3nvr-quhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45511?format=json","vulnerability_id":"VCID-kxtk-ybzc-eyfj","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28008","reference_id":"","reference_type":"","scores":[{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29843","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30234","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30169","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30053","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.29978","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30277","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30336","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.3037","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30373","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30329","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30282","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30296","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00116","scoring_system":"epss","scoring_elements":"0.30278","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34186","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34219","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33848","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28008"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kxtk-ybzc-eyfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94857?format=json","vulnerability_id":"VCID-m8mt-ya9x-yqaq","summary":"The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38371","reference_id":"","reference_type":"","scores":[{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84536","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84382","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84397","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84417","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.8442","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84441","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84446","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84465","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84459","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84477","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84479","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84506","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84515","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02209","scoring_system":"epss","scoring_elements":"0.84519","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-38371"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38371","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38371"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992172","reference_id":"992172","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992172"},{"reference_url":"https://security.archlinux.org/AVG-2272","reference_id":"AVG-2272","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2272"},{"reference_url":"https://usn.ubuntu.com/6881-1/","reference_id":"USN-6881-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6881-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585684?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/586163?format=json","purl":"pkg:deb/debian/exim4@4.95~RC2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.95~RC2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2021-38371"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m8mt-ya9x-yqaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45512?format=json","vulnerability_id":"VCID-mssq-pkfp-fbhg","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28009","reference_id":"","reference_type":"","scores":[{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39543","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39946","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39774","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.3976","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39674","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39982","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40035","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40049","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.4006","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40023","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40003","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40053","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40024","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44559","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.4458","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00219","scoring_system":"epss","scoring_elements":"0.44488","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28009"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mssq-pkfp-fbhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74998?format=json","vulnerability_id":"VCID-mwem-kfpv-eqf2","summary":"exim: exim: Incorrect parsing of multiline rfc2231 header filename","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39929.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-39929.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39929","reference_id":"","reference_type":"","scores":[{"value":"0.6031","scoring_system":"epss","scoring_elements":"0.98294","published_at":"2026-05-05T12:55:00Z"},{"value":"0.6031","scoring_system":"epss","scoring_elements":"0.98285","published_at":"2026-04-18T12:55:00Z"},{"value":"0.6031","scoring_system":"epss","scoring_elements":"0.98284","published_at":"2026-04-21T12:55:00Z"},{"value":"0.6031","scoring_system":"epss","scoring_elements":"0.98287","published_at":"2026-04-24T12:55:00Z"},{"value":"0.6031","scoring_system":"epss","scoring_elements":"0.98288","published_at":"2026-04-29T12:55:00Z"},{"value":"0.63532","scoring_system":"epss","scoring_elements":"0.98401","published_at":"2026-04-02T12:55:00Z"},{"value":"0.63915","scoring_system":"epss","scoring_elements":"0.98429","published_at":"2026-04-13T12:55:00Z"},{"value":"0.63915","scoring_system":"epss","scoring_elements":"0.98422","published_at":"2026-04-07T12:55:00Z"},{"value":"0.63915","scoring_system":"epss","scoring_elements":"0.98425","published_at":"2026-04-08T12:55:00Z"},{"value":"0.63915","scoring_system":"epss","scoring_elements":"0.98426","published_at":"2026-04-09T12:55:00Z"},{"value":"0.63915","scoring_system":"epss","scoring_elements":"0.98434","published_at":"2026-04-16T12:55:00Z"},{"value":"0.63915","scoring_system":"epss","scoring_elements":"0.9842","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-39929"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39929","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39929"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075785","reference_id":"1075785","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1075785"},{"reference_url":"https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b","reference_id":"1b3209b0577a9327ebb076f3b32b8a159c253f7b","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/"}],"url":"https://git.exim.org/exim.git/commit/1b3209b0577a9327ebb076f3b32b8a159c253f7b"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295819","reference_id":"2295819","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2295819"},{"reference_url":"https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357","reference_id":"6ce5c70cff8989418e05d01fd2a57703007a6357","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/"}],"url":"https://git.exim.org/exim.git/commit/6ce5c70cff8989418e05d01fd2a57703007a6357"},{"reference_url":"https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3","reference_id":"exim-4.98-RC2...exim-4.98-RC3","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/"}],"url":"https://github.com/Exim/exim/compare/exim-4.98-RC2...exim-4.98-RC3"},{"reference_url":"https://www.rfc-editor.org/rfc/rfc2231.txt","reference_id":"rfc2231.txt","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/"}],"url":"https://www.rfc-editor.org/rfc/rfc2231.txt"},{"reference_url":"https://bugs.exim.org/show_bug.cgi?id=3099#c4","reference_id":"show_bug.cgi?id=3099#c4","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-08T16:09:08Z/"}],"url":"https://bugs.exim.org/show_bug.cgi?id=3099#c4"},{"reference_url":"https://usn.ubuntu.com/6939-1/","reference_id":"USN-6939-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6939-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585691?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585692?format=json","purl":"pkg:deb/debian/exim4@4.98~RC3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98~RC3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2024-39929"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mwem-kfpv-eqf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62581?format=json","vulnerability_id":"VCID-p285-6bu3-vuh5","summary":"security update","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00026.html"},{"reference_url":"http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html","reference_id":"","reference_type":"","scores":[],"url":"http://packetstormsecurity.com/files/136124/Exim-4.84-3-Local-Root-Privilege-Escalation.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1531.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1531.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1531","reference_id":"","reference_type":"","scores":[{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98145","published_at":"2026-05-05T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98138","published_at":"2026-04-26T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.9814","published_at":"2026-04-29T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98114","published_at":"2026-04-01T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98117","published_at":"2026-04-02T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98121","published_at":"2026-04-04T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98122","published_at":"2026-04-07T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98126","published_at":"2026-04-08T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98127","published_at":"2026-04-09T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98131","published_at":"2026-04-12T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98137","published_at":"2026-04-16T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98139","published_at":"2026-04-18T12:55:00Z"},{"value":"0.5677","scoring_system":"epss","scoring_elements":"0.98136","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1531"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1531","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1531"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.exploit-db.com/exploits/39535/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/39535/"},{"reference_url":"https://www.exploit-db.com/exploits/39549/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/39549/"},{"reference_url":"https://www.exploit-db.com/exploits/39702/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/39702/"},{"reference_url":"http://www.debian.org/security/2016/dsa-3517","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2016/dsa-3517"},{"reference_url":"http://www.exim.org/static/doc/CVE-2016-1531.txt","reference_id":"","reference_type":"","scores":[],"url":"http://www.exim.org/static/doc/CVE-2016-1531.txt"},{"reference_url":"http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup","reference_id":"","reference_type":"","scores":[],"url":"http://www.rapid7.com/db/modules/exploit/unix/local/exim_perl_startup"},{"reference_url":"http://www.securitytracker.com/id/1035512","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1035512"},{"reference_url":"http://www.ubuntu.com/usn/USN-2933-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2933-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314293","reference_id":"1314293","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1314293"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"http://legalhackers.com/advisories/Exim-Local-Root-Privilege-Escalation.txt","reference_id":"CVE-2016-1531","reference_type":"exploit","scores":[],"url":"http://legalhackers.com/advisories/Exim-Local-Root-Privilege-Escalation.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39535.sh","reference_id":"CVE-2016-1531","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39535.sh"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39549.txt","reference_id":"CVE-2016-1531","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39549.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39702.rb","reference_id":"CVE-2016-1531","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39702.rb"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1531","reference_id":"CVE-2016-1531","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"},{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1531"},{"reference_url":"https://usn.ubuntu.com/2933-1/","reference_id":"USN-2933-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2933-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585223?format=json","purl":"pkg:deb/debian/exim4@4.86.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.86.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2016-1531"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p285-6bu3-vuh5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50405?format=json","vulnerability_id":"VCID-pdm2-w3dk-p7gd","summary":"Multiple vulnerabilities were found in Exim, the worst of which\n    leading to remote execution of arbitrary code with root privileges.","references":[{"reference_url":"ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74"},{"reference_url":"http://lists.exim.org/lurker/message/20110126.034702.4d69c278.en.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.exim.org/lurker/message/20110126.034702.4d69c278.en.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00004.html"},{"reference_url":"http://osvdb.org/70696","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/70696"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0017.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0017.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0017","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30172","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30706","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30838","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30884","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30703","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30761","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30793","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30796","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30752","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30705","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3073","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3071","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30676","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30504","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30392","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3031","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-0017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0017"},{"reference_url":"http://secunia.com/advisories/43101","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43101"},{"reference_url":"http://secunia.com/advisories/43128","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43128"},{"reference_url":"http://secunia.com/advisories/43243","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43243"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65028","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/65028"},{"reference_url":"http://www.debian.org/security/2011/dsa-2154","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2011/dsa-2154"},{"reference_url":"http://www.securityfocus.com/bid/46065","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/46065"},{"reference_url":"http://www.ubuntu.com/usn/USN-1060-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1060-1"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0224","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0224"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0245","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0245"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0364","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0364"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0464","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0464"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=670945","reference_id":"670945","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=670945"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:2.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:2.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:2.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:2.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.00:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.00:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.00:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.03:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.03:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.03:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.13:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.13:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.13:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.15:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.15:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.15:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.16:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.16:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.16:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.35:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.35:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.35:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.36:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:3.36:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:3.36:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0017","reference_id":"CVE-2011-0017","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-0017"},{"reference_url":"https://security.gentoo.org/glsa/201401-32","reference_id":"GLSA-201401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-32"},{"reference_url":"https://usn.ubuntu.com/1060-1/","reference_id":"USN-1060-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1060-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584635?format=json","purl":"pkg:deb/debian/exim4@4.72-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.72-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2011-0017"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdm2-w3dk-p7gd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71807?format=json","vulnerability_id":"VCID-ppju-pcvp-4khj","summary":"exim: Exim: remote SQL injection","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26794.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26794.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26794","reference_id":"","reference_type":"","scores":[{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98852","published_at":"2026-04-02T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98872","published_at":"2026-04-26T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98873","published_at":"2026-04-29T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98869","published_at":"2026-04-21T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98865","published_at":"2026-04-18T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98864","published_at":"2026-04-16T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.9886","published_at":"2026-04-13T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98859","published_at":"2026-04-12T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98856","published_at":"2026-04-09T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98854","published_at":"2026-04-04T12:55:00Z"},{"value":"0.74732","scoring_system":"epss","scoring_elements":"0.98855","published_at":"2026-04-07T12:55:00Z"},{"value":"0.75087","scoring_system":"epss","scoring_elements":"0.98891","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26794"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346981","reference_id":"2346981","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2346981"},{"reference_url":"https://github.com/NixOS/nixpkgs/pull/383926","reference_id":"383926","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/"}],"url":"https://github.com/NixOS/nixpkgs/pull/383926"},{"reference_url":"https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d","reference_id":"584d2c49addce9ca0ae67882cc16969104d7f82d","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/"}],"url":"https://github.com/openbsd/ports/commit/584d2c49addce9ca0ae67882cc16969104d7f82d"},{"reference_url":"https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305","reference_id":"bfe32b5c6ea033736a26da8421513206db9fe305","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/"}],"url":"https://code.exim.org/exim/exim/commit/bfe32b5c6ea033736a26da8421513206db9fe305"},{"reference_url":"https://www.exim.org/static/doc/security/CVE-2025-26794.txt","reference_id":"CVE-2025-26794.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/"}],"url":"https://www.exim.org/static/doc/security/CVE-2025-26794.txt"},{"reference_url":"https://exim.org","reference_id":"exim.org","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/"}],"url":"https://exim.org"},{"reference_url":"https://github.com/Exim/exim/wiki/EximSecurity","reference_id":"EximSecurity","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/"}],"url":"https://github.com/Exim/exim/wiki/EximSecurity"},{"reference_url":"https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt","reference_id":"report.txt","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/"}],"url":"https://exim.org/static/doc/security/EXIM-Security-2025-12-09.1/report.txt"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1237424","reference_id":"show_bug.cgi?id=1237424","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-02-21T16:11:25Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1237424"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584056?format=json","purl":"pkg:deb/debian/exim4@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585087?format=json","purl":"pkg:deb/debian/exim4@4.98-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26794"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ppju-pcvp-4khj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56938?format=json","vulnerability_id":"VCID-puuy-w6ze-9kc7","summary":"Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42119.json","reference_id":"","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42119.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42119","reference_id":"","reference_type":"","scores":[{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72637","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72765","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72776","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72772","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72654","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72632","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72671","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72684","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72707","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.7269","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.7268","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72722","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72725","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00731","scoring_system":"epss","scoring_elements":"0.72767","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42119"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42119","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42119"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241542","reference_id":"2241542","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241542"},{"reference_url":"https://security.gentoo.org/glsa/202402-18","reference_id":"GLSA-202402-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-18"},{"reference_url":"https://usn.ubuntu.com/6455-1/","reference_id":"USN-6455-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6455-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1473/","reference_id":"ZDI-23-1473","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-05T16:29:47Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1473/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585684?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585685?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/585686?format=json","purl":"pkg:deb/debian/exim4@4.97~RC2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-42119"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-puuy-w6ze-9kc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45521?format=json","vulnerability_id":"VCID-pzsv-7fee-1ugu","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28018","reference_id":"","reference_type":"","scores":[{"value":"0.65912","scoring_system":"epss","scoring_elements":"0.98522","published_at":"2026-04-26T12:55:00Z"},{"value":"0.65912","scoring_system":"epss","scoring_elements":"0.98521","published_at":"2026-04-29T12:55:00Z"},{"value":"0.65912","scoring_system":"epss","scoring_elements":"0.98517","published_at":"2026-04-21T12:55:00Z"},{"value":"0.65912","scoring_system":"epss","scoring_elements":"0.98525","published_at":"2026-05-05T12:55:00Z"},{"value":"0.76461","scoring_system":"epss","scoring_elements":"0.98927","published_at":"2026-04-01T12:55:00Z"},{"value":"0.76461","scoring_system":"epss","scoring_elements":"0.98928","published_at":"2026-04-02T12:55:00Z"},{"value":"0.76461","scoring_system":"epss","scoring_elements":"0.9893","published_at":"2026-04-04T12:55:00Z"},{"value":"0.78667","scoring_system":"epss","scoring_elements":"0.99043","published_at":"2026-04-13T12:55:00Z"},{"value":"0.78667","scoring_system":"epss","scoring_elements":"0.99044","published_at":"2026-04-16T12:55:00Z"},{"value":"0.78667","scoring_system":"epss","scoring_elements":"0.99045","published_at":"2026-04-18T12:55:00Z"},{"value":"0.78667","scoring_system":"epss","scoring_elements":"0.99042","published_at":"2026-04-11T12:55:00Z"},{"value":"0.78667","scoring_system":"epss","scoring_elements":"0.99041","published_at":"2026-04-08T12:55:00Z"},{"value":"0.78667","scoring_system":"epss","scoring_elements":"0.9904","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28018"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28018"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pzsv-7fee-1ugu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/279287?format=json","vulnerability_id":"VCID-q8zm-fhfq-sfan","summary":"A vulnerability was found in Exim and classified as problematic. This issue affects the function dmarc_dns_lookup of the file dmarc.c of the component DMARC Handler. The manipulation leads to use after free. The attack may be initiated remotely. The name of the patch is 12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211919.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3620","reference_id":"","reference_type":"","scores":[{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79226","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79131","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79156","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79142","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79159","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79155","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79196","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79213","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79087","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79114","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79099","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01227","scoring_system":"epss","scoring_elements":"0.79124","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3620"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022556","reference_id":"1022556","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1022556"},{"reference_url":"https://git.exim.org/exim.git/commit/12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445","reference_id":"12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/"}],"url":"https://git.exim.org/exim.git/commit/12fb3842f81bcbd4a4519d5728f2d7e0e3ca1445"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU/","reference_id":"667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/667V3ADXQ2MHUJMSXA3VZZEWLVSCIBEU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/","reference_id":"EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EIH4W5R7SHTUEQFWWKB4TUO5YFZX64KV/"},{"reference_url":"https://vuldb.com/?id.211919","reference_id":"?id.211919","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/"}],"url":"https://vuldb.com/?id.211919"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM/","reference_id":"XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:08:15Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XV2K2AWF62FSJ64B5CUZPFT4COK7P5PM/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584056?format=json","purl":"pkg:deb/debian/exim4@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/922057?format=json","purl":"pkg:deb/debian/exim4@4.96-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3620"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q8zm-fhfq-sfan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45513?format=json","vulnerability_id":"VCID-qr4y-643y-dqdz","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28010","reference_id":"","reference_type":"","scores":[{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31312","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31841","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31673","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31545","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31463","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31844","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31896","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31925","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3193","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.3189","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31857","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31889","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00126","scoring_system":"epss","scoring_elements":"0.31868","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35879","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35909","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35681","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28010"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qr4y-643y-dqdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56929?format=json","vulnerability_id":"VCID-qupq-a4jw-bbhh","summary":"Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42114.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-42114.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42114","reference_id":"","reference_type":"","scores":[{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94276","published_at":"2026-04-02T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94336","published_at":"2026-05-05T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94327","published_at":"2026-04-21T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94331","published_at":"2026-04-29T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94287","published_at":"2026-04-04T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94289","published_at":"2026-04-07T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94298","published_at":"2026-04-08T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94302","published_at":"2026-04-09T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94306","published_at":"2026-04-11T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94307","published_at":"2026-04-12T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94308","published_at":"2026-04-13T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94323","published_at":"2026-04-16T12:55:00Z"},{"value":"0.13895","scoring_system":"epss","scoring_elements":"0.94328","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-42114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42114"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42115"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42116"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241538","reference_id":"2241538","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2241538"},{"reference_url":"https://security.gentoo.org/glsa/202402-18","reference_id":"GLSA-202402-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-18"},{"reference_url":"https://usn.ubuntu.com/6411-1/","reference_id":"USN-6411-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6411-1/"},{"reference_url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1468/","reference_id":"ZDI-23-1468","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-03T17:07:34Z/"}],"url":"https://www.zerodayinitiative.com/advisories/ZDI-23-1468/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583814?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583815?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583816?format=json","purl":"pkg:deb/debian/exim4@4.97~RC1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97~RC1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-42114"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qupq-a4jw-bbhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45523?format=json","vulnerability_id":"VCID-qyqw-2gga-m3c6","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28020","reference_id":"","reference_type":"","scores":[{"value":"0.19796","scoring_system":"epss","scoring_elements":"0.95417","published_at":"2026-04-02T12:55:00Z"},{"value":"0.19796","scoring_system":"epss","scoring_elements":"0.95423","published_at":"2026-04-04T12:55:00Z"},{"value":"0.19796","scoring_system":"epss","scoring_elements":"0.95408","published_at":"2026-04-01T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95642","published_at":"2026-04-09T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95646","published_at":"2026-04-12T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95648","published_at":"2026-04-13T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95657","published_at":"2026-04-16T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.9566","published_at":"2026-04-18T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95662","published_at":"2026-04-21T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95663","published_at":"2026-04-29T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95664","published_at":"2026-04-26T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95679","published_at":"2026-05-05T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.9563","published_at":"2026-04-07T12:55:00Z"},{"value":"0.21063","scoring_system":"epss","scoring_elements":"0.95638","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28020"},{"reference_url":"https://security.archlinux.org/AVG-1912","reference_id":"AVG-1912","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1912"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585471?format=json","purl":"pkg:deb/debian/exim4@4.92~RC5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92~RC5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28020"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qyqw-2gga-m3c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49994?format=json","vulnerability_id":"VCID-raam-5am9-hbef","summary":"A vulnerability in Exim could allow a remote attacker to execute\n    arbitrary commands.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10149.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10149.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10149","reference_id":"","reference_type":"","scores":[{"value":"0.93918","scoring_system":"epss","scoring_elements":"0.99879","published_at":"2026-04-24T12:55:00Z"},{"value":"0.93918","scoring_system":"epss","scoring_elements":"0.99878","published_at":"2026-04-12T12:55:00Z"},{"value":"0.93918","scoring_system":"epss","scoring_elements":"0.9988","published_at":"2026-05-05T12:55:00Z"},{"value":"0.93918","scoring_system":"epss","scoring_elements":"0.99876","published_at":"2026-04-01T12:55:00Z"},{"value":"0.93918","scoring_system":"epss","scoring_elements":"0.99877","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10149"},{"reference_url":"http://www.securityfocus.com/bid/108679","reference_id":"108679","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://www.securityfocus.com/bid/108679"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1715237","reference_id":"1715237","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1715237"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/06/05/2","reference_id":"2","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/06/05/2"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/06/05/3","reference_id":"3","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/06/05/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/07/26/4","reference_id":"4","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/07/26/4"},{"reference_url":"https://seclists.org/bugtraq/2019/Jun/5","reference_id":"5","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"https://seclists.org/bugtraq/2019/Jun/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/07/25/6","reference_id":"6","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/07/25/6"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/07/25/7","reference_id":"7","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://www.openwall.com/lists/oss-security/2019/07/25/7"},{"reference_url":"https://security.archlinux.org/AVG-982","reference_id":"AVG-982","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-982"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46996.sh","reference_id":"CVE-2019-10149","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/46996.sh"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/47307.rb","reference_id":"CVE-2019-10149","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/47307.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/46974.txt","reference_id":"CVE-2019-10149","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/46974.txt"},{"reference_url":"https://lwn.net/Articles/790553/","reference_id":"CVE-2019-10149","reference_type":"exploit","scores":[],"url":"https://lwn.net/Articles/790553/"},{"reference_url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb","reference_id":"CVE-2019-10149","reference_type":"exploit","scores":[],"url":"https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/exim4_deliver_message_priv_esc.rb"},{"reference_url":"https://www.exim.org/static/doc/security/CVE-2019-10149.txt","reference_id":"CVE-2019-10149.txt","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"https://www.exim.org/static/doc/security/CVE-2019-10149.txt"},{"reference_url":"https://www.debian.org/security/2019/dsa-4456","reference_id":"dsa-4456","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"https://www.debian.org/security/2019/dsa-4456"},{"reference_url":"http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html","reference_id":"Exim-4.91-Local-Privilege-Escalation.html","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://packetstormsecurity.com/files/153312/Exim-4.91-Local-Privilege-Escalation.html"},{"reference_url":"http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html","reference_id":"Exim-4.91-Local-Privilege-Escalation.html","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://packetstormsecurity.com/files/154198/Exim-4.91-Local-Privilege-Escalation.html"},{"reference_url":"http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html","reference_id":"Exim-4.9.1-Remote-Command-Execution.html","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://packetstormsecurity.com/files/153218/Exim-4.9.1-Remote-Command-Execution.html"},{"reference_url":"https://security.gentoo.org/glsa/201906-01","reference_id":"GLSA-201906-01","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"https://security.gentoo.org/glsa/201906-01"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00020.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149","reference_id":"show_bug.cgi?id=CVE-2019-10149","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10149"},{"reference_url":"https://usn.ubuntu.com/4010-1/","reference_id":"USN-4010-1","reference_type":"","scores":[{"value":"9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-02-07T13:31:13Z/"}],"url":"https://usn.ubuntu.com/4010-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586777?format=json","purl":"pkg:deb/debian/exim4@4.92~RC3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92~RC3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-10149"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-raam-5am9-hbef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50407?format=json","vulnerability_id":"VCID-rfam-rzrr-abhb","summary":"Multiple vulnerabilities were found in Exim, the worst of which\n    leading to remote execution of arbitrary code with root privileges.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1764.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1764.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1764","reference_id":"","reference_type":"","scores":[{"value":"0.0353","scoring_system":"epss","scoring_elements":"0.87605","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0353","scoring_system":"epss","scoring_elements":"0.87614","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0353","scoring_system":"epss","scoring_elements":"0.87628","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89356","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89372","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89376","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89385","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89382","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89378","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89393","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.8939","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89407","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89412","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89414","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04718","scoring_system":"epss","scoring_elements":"0.89422","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1764"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1764"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624670","reference_id":"624670","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624670"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=702474","reference_id":"702474","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=702474"},{"reference_url":"https://security.gentoo.org/glsa/201401-32","reference_id":"GLSA-201401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-32"},{"reference_url":"https://usn.ubuntu.com/1130-1/","reference_id":"USN-1130-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1130-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582228?format=json","purl":"pkg:deb/debian/exim4@4.75-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.75-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2011-1764"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rfam-rzrr-abhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45519?format=json","vulnerability_id":"VCID-rgkw-1sqv-d7hx","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28016","reference_id":"","reference_type":"","scores":[{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35138","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35596","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35358","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35337","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35256","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35606","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35652","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35675","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35684","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.3564","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35618","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35657","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0015","scoring_system":"epss","scoring_elements":"0.35647","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39752","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39774","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00181","scoring_system":"epss","scoring_elements":"0.39604","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28016"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28016"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rgkw-1sqv-d7hx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/57177?format=json","vulnerability_id":"VCID-rrea-52kb-3qf1","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"http://openwall.com/lists/oss-security/2017/11/25/1","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2017/11/25/1"},{"reference_url":"http://openwall.com/lists/oss-security/2017/11/25/2","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2017/11/25/2"},{"reference_url":"http://openwall.com/lists/oss-security/2017/11/25/3","reference_id":"","reference_type":"","scores":[],"url":"http://openwall.com/lists/oss-security/2017/11/25/3"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16944.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-16944.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16944","reference_id":"","reference_type":"","scores":[{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98908","published_at":"2026-04-01T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98934","published_at":"2026-05-05T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98925","published_at":"2026-04-21T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98928","published_at":"2026-04-26T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.9893","published_at":"2026-04-29T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.9891","published_at":"2026-04-02T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98912","published_at":"2026-04-04T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98914","published_at":"2026-04-07T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98916","published_at":"2026-04-08T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98915","published_at":"2026-04-09T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98917","published_at":"2026-04-11T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98918","published_at":"2026-04-13T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.9892","published_at":"2026-04-16T12:55:00Z"},{"value":"0.76031","scoring_system":"epss","scoring_elements":"0.98922","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-16944"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16944"},{"reference_url":"https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.exim.org/lurker/message/20171125.034842.d1d75cac.en.html"},{"reference_url":"https://www.debian.org/security/2017/dsa-4053","reference_id":"","reference_type":"","scores":[],"url":"https://www.debian.org/security/2017/dsa-4053"},{"reference_url":"https://www.exploit-db.com/exploits/43184/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/43184/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2021/05/04/7"},{"reference_url":"http://www.securitytracker.com/id/1039873","reference_id":"","reference_type":"","scores":[],"url":"http://www.securitytracker.com/id/1039873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1517684","reference_id":"1517684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1517684"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882671","reference_id":"882671","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882671"},{"reference_url":"https://security.archlinux.org/ASA-201711-32","reference_id":"ASA-201711-32","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-32"},{"reference_url":"https://security.archlinux.org/AVG-518","reference_id":"AVG-518","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-518"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.88:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.89:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://bugs.exim.org/show_bug.cgi?id=2201","reference_id":"CVE-2017-16944","reference_type":"exploit","scores":[],"url":"https://bugs.exim.org/show_bug.cgi?id=2201"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/43184.txt","reference_id":"CVE-2017-16944","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/43184.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16944","reference_id":"CVE-2017-16944","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-16944"},{"reference_url":"https://security.gentoo.org/glsa/201803-01","reference_id":"GLSA-201803-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-01"},{"reference_url":"https://usn.ubuntu.com/3499-1/","reference_id":"USN-3499-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3499-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/585463?format=json","purl":"pkg:deb/debian/exim4@4.89-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-16944"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rrea-52kb-3qf1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/355420?format=json","vulnerability_id":"VCID-ry9v-ge65-sqbb","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40687","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.19804","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-40687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40687"},{"reference_url":"https://www.openwall.com/lists/oss-security/2026/04/30/21","reference_id":"21","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:25:03Z/"}],"url":"https://www.openwall.com/lists/oss-security/2026/04/30/21"},{"reference_url":"https://code.exim.org/exim/exim/commit/68b963b9f75ca27b38e1c0f8c87037990199f505","reference_id":"68b963b9f75ca27b38e1c0f8c87037990199f505","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:25:03Z/"}],"url":"https://code.exim.org/exim/exim/commit/68b963b9f75ca27b38e1c0f8c87037990199f505"},{"reference_url":"https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40687.assessment","reference_id":"CVE2026-40687.assessment","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:25:03Z/"}],"url":"https://exim.org/static/doc/security/cve-2026-04.1/CVE2026-40687.assessment"},{"reference_url":"https://exim.org/static/doc/security/CVE-2026-40687.txt","reference_id":"CVE-2026-40687.txt","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-01T14:25:03Z/"}],"url":"https://exim.org/static/doc/security/CVE-2026-40687.txt"},{"reference_url":"https://usn.ubuntu.com/8228-1/","reference_id":"USN-8228-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8228-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2026-40687"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ry9v-ge65-sqbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50408?format=json","vulnerability_id":"VCID-sam4-h21q-dkej","summary":"Multiple vulnerabilities were found in Exim, the worst of which\n    leading to remote execution of arbitrary code with root privileges.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091664.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-November/091664.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090900.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090900.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090963.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090963.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00018.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2012-10/msg00018.html"},{"reference_url":"http://osvdb.org/86616","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/86616"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5671.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5671.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5671","reference_id":"","reference_type":"","scores":[{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97096","published_at":"2026-05-05T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97044","published_at":"2026-04-01T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97051","published_at":"2026-04-02T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97055","published_at":"2026-04-04T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97056","published_at":"2026-04-07T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97065","published_at":"2026-04-08T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97066","published_at":"2026-04-09T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.9707","published_at":"2026-04-12T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97071","published_at":"2026-04-13T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97081","published_at":"2026-04-16T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97084","published_at":"2026-04-18T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97088","published_at":"2026-04-21T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97089","published_at":"2026-04-24T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97092","published_at":"2026-04-26T12:55:00Z"},{"value":"0.35729","scoring_system":"epss","scoring_elements":"0.97093","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5671"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5671"},{"reference_url":"http://secunia.com/advisories/51098","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51098"},{"reference_url":"http://secunia.com/advisories/51115","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51115"},{"reference_url":"http://secunia.com/advisories/51153","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51153"},{"reference_url":"http://secunia.com/advisories/51155","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51155"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79615","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/79615"},{"reference_url":"https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.exim.org/lurker/message/20121026.080330.74b9147b.en.html"},{"reference_url":"http://www.debian.org/security/2012/dsa-2566","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2012/dsa-2566"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/10/26/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/10/26/5"},{"reference_url":"http://www.securityfocus.com/bid/56285","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/56285"},{"reference_url":"http://www.ubuntu.com/usn/USN-1618-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-1618-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=869953","reference_id":"869953","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=869953"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5671","reference_id":"CVE-2012-5671","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5671"},{"reference_url":"https://security.gentoo.org/glsa/201401-32","reference_id":"GLSA-201401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-32"},{"reference_url":"https://usn.ubuntu.com/1618-1/","reference_id":"USN-1618-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1618-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583315?format=json","purl":"pkg:deb/debian/exim4@4.80-5.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.80-5.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2012-5671"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sam4-h21q-dkej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/56939?format=json","vulnerability_id":"VCID-stsb-pwen-87g7","summary":"Multiple vulnerabilities have been discovered in Exim, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51766","reference_id":"","reference_type":"","scores":[{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81898","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81921","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81917","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81944","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81951","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81971","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.8196","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.8199","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.81992","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82015","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82026","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.82031","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01642","scoring_system":"epss","scoring_elements":"0.8205","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-51766"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51766","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-51766"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059387","reference_id":"1059387","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059387"},{"reference_url":"https://security.gentoo.org/glsa/202402-18","reference_id":"GLSA-202402-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202402-18"},{"reference_url":"https://usn.ubuntu.com/6611-1/","reference_id":"USN-6611-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6611-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584972?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584973?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/584974?format=json","purl":"pkg:deb/debian/exim4@4.97-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.97-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2023-51766"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-stsb-pwen-87g7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45522?format=json","vulnerability_id":"VCID-swer-ztd6-nkga","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28019","reference_id":"","reference_type":"","scores":[{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82115","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82128","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01682","scoring_system":"epss","scoring_elements":"0.82149","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82873","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82889","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82884","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8288","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82919","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8292","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82922","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82942","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82952","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82957","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82977","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82841","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82866","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28019"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swer-ztd6-nkga"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86269?format=json","vulnerability_id":"VCID-teft-hqz3-7ubr","summary":"exim: remote arbitrary code execution via DMARC code parsing","references":[{"reference_url":"http://git.exim.org/exim.git/commitdiff/5b7a7c051c9ab9ee7c924a611f90ef2be03e0ad0","reference_id":"","reference_type":"","scores":[],"url":"http://git.exim.org/exim.git/commitdiff/5b7a7c051c9ab9ee7c924a611f90ef2be03e0ad0"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2957.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2957.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2957","reference_id":"","reference_type":"","scores":[{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82967","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82911","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82932","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82942","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82947","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82832","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82857","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82864","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.8288","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82875","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82871","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.8291","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01821","scoring_system":"epss","scoring_elements":"0.82909","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02176","scoring_system":"epss","scoring_elements":"0.84279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02176","scoring_system":"epss","scoring_elements":"0.84298","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02176","scoring_system":"epss","scoring_elements":"0.84266","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2957"},{"reference_url":"https://lists.exim.org/lurker/message/20140528.122536.a31d60a4.en.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.exim.org/lurker/message/20140528.122536.a31d60a4.en.html"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/04/7","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2021/05/04/7"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1101725","reference_id":"1101725","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1101725"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2957","reference_id":"CVE-2014-2957","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2957"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586749?format=json","purl":"pkg:deb/debian/exim4@4.82.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.82.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2014-2957"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-teft-hqz3-7ubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45516?format=json","vulnerability_id":"VCID-tpt6-ze4u-a7dt","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28013","reference_id":"","reference_type":"","scores":[{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35376","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35838","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.3561","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35579","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35492","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35846","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35897","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35919","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35925","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35884","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.3586","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.359","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00152","scoring_system":"epss","scoring_elements":"0.35887","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.4003","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.40056","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00183","scoring_system":"epss","scoring_elements":"0.39882","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28013"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tpt6-ze4u-a7dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89316?format=json","vulnerability_id":"VCID-u1km-244u-qugh","summary":"security flaw","references":[{"reference_url":"http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44","reference_id":"","reference_type":"","scores":[],"url":"http://ftp6.us.freebsd.org/pub/mail/exim/ChangeLogs/ChangeLog-4.44"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0021.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0021.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0021","reference_id":"","reference_type":"","scores":[{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86213","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86084","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86094","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86111","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.8611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86129","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86141","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86155","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86154","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.8615","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86167","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86172","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86163","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86184","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02817","scoring_system":"epss","scoring_elements":"0.86194","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0021"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200501-23.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-200501-23.xml"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10347","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10347"},{"reference_url":"http://www.debian.org/security/2005/dsa-635","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-635"},{"reference_url":"http://www.debian.org/security/2005/dsa-637","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2005/dsa-637"},{"reference_url":"http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.exim.org/mail-archives/exim-users/Week-of-Mon-20050103/msg00028.html"},{"reference_url":"http://www.idefense.com/application/poi/display?id=179&type=vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://www.idefense.com/application/poi/display?id=179&type=vulnerabilities"},{"reference_url":"http://www.idefense.com/application/poi/display?id=183&type=vulnerabilities","reference_id":"","reference_type":"","scores":[],"url":"http://www.idefense.com/application/poi/display?id=183&type=vulnerabilities"},{"reference_url":"http://www.kb.cert.org/vuls/id/132992","reference_id":"","reference_type":"","scores":[],"url":"http://www.kb.cert.org/vuls/id/132992"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2005-025.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2005-025.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617439","reference_id":"1617439","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617439"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:university_of_cambridge:exim:4.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0021","reference_id":"CVE-2005-0021","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-0021"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/1009.c","reference_id":"OSVDB-12946;CVE-2005-0021","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/1009.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/756.c","reference_id":"OSVDB-12946;CVE-2005-0021","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/756.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:025","reference_id":"RHSA-2005:025","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:025"},{"reference_url":"https://usn.ubuntu.com/56-1/","reference_id":"USN-56-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/56-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/584854?format=json","purl":"pkg:deb/debian/exim4@4.34-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.34-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0021"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1km-244u-qugh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/79757?format=json","vulnerability_id":"VCID-ujms-hna1-z7e6","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12783.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-12783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12783","reference_id":"","reference_type":"","scores":[{"value":"0.02941","scoring_system":"epss","scoring_elements":"0.86372","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02941","scoring_system":"epss","scoring_elements":"0.86383","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02941","scoring_system":"epss","scoring_elements":"0.864","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.86943","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.86963","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.8697","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.86984","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.86978","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.86973","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.86988","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.86992","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.8699","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.87008","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.87013","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.87015","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03185","scoring_system":"epss","scoring_elements":"0.87035","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-12783"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12783","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12783"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1836362","reference_id":"1836362","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1836362"},{"reference_url":"https://usn.ubuntu.com/4366-1/","reference_id":"USN-4366-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4366-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586780?format=json","purl":"pkg:deb/debian/exim4@4.93-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.93-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-12783"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ujms-hna1-z7e6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45518?format=json","vulnerability_id":"VCID-v1t8-y73h-vyee","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28015","reference_id":"","reference_type":"","scores":[{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34597","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35068","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34836","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34818","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34725","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35077","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35122","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35147","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35152","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35117","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35093","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.35131","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39189","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39211","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39003","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28015"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v1t8-y73h-vyee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40023?format=json","vulnerability_id":"VCID-vykx-t8yc-tycc","summary":"A local attacker could execute arbitrary code by providing\n    unsanitized data to a data source or escalate privileges.","references":[{"reference_url":"http://git.exim.org/exim.git/commitdiff/7685ce68148a083d7759e78d01aa5198fc099c44","reference_id":"","reference_type":"","scores":[],"url":"http://git.exim.org/exim.git/commitdiff/7685ce68148a083d7759e78d01aa5198fc099c44"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136251.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136251.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136264.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-August/136264.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2972.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2972.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2972","reference_id":"","reference_type":"","scores":[{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43609","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43858","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43902","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43925","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43855","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43906","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43908","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43926","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43893","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43877","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43939","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.4393","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43862","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43814","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43816","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00213","scoring_system":"epss","scoring_elements":"0.43736","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2972"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2972","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2972"},{"reference_url":"https://lists.exim.org/lurker/message/20140722.145949.42c043f5.en.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.exim.org/lurker/message/20140722.145949.42c043f5.en.html"},{"reference_url":"https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.exim.org/lurker/message/20140722.152452.d6c019e8.en.html"},{"reference_url":"http://www.ubuntu.com/usn/USN-2933-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-2933-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1122552","reference_id":"1122552","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1122552"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.00:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.01:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.02:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.03:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.05:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.11:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.12:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.14:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.20:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.21:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.24:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.31:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.32:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.33:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.34:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.40:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.41:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.42:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.43:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.44:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.60:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.61:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.62:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.63:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.64:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.65:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.66:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.67:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.68:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.69:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.70:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.71:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.72:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.73:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.74:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.75:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.76:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.77:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.80.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.82:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:4.82:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:4.82:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2972","reference_id":"CVE-2014-2972","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-2972"},{"reference_url":"https://security.gentoo.org/glsa/201607-12","reference_id":"GLSA-201607-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201607-12"},{"reference_url":"https://usn.ubuntu.com/2933-1/","reference_id":"USN-2933-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2933-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586276?format=json","purl":"pkg:deb/debian/exim4@4.82.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.82.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2014-2972"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vykx-t8yc-tycc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/39285?format=json","vulnerability_id":"VCID-x7cz-svaj-rkb5","summary":"A vulnerability in Exim may allow local users to gain root\n    privileges.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000369.json","reference_id":"","reference_type":"","scores":[{"value":"2.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000369.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000369","reference_id":"","reference_type":"","scores":[{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54139","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54156","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54186","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.5416","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54212","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54208","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54258","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.5424","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.5422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54262","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54243","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54222","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54198","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0031","scoring_system":"epss","scoring_elements":"0.54146","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000369"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1457748","reference_id":"1457748","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1457748"},{"reference_url":"https://security.archlinux.org/ASA-201711-32","reference_id":"ASA-201711-32","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201711-32"},{"reference_url":"https://security.archlinux.org/AVG-518","reference_id":"AVG-518","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-518"},{"reference_url":"https://security.gentoo.org/glsa/201709-19","reference_id":"GLSA-201709-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-19"},{"reference_url":"https://usn.ubuntu.com/3322-1/","reference_id":"USN-3322-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3322-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586822?format=json","purl":"pkg:deb/debian/exim4@4.89-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.89-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2017-1000369"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x7cz-svaj-rkb5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50403?format=json","vulnerability_id":"VCID-ynbw-8a6a-sug8","summary":"Multiple vulnerabilities were found in Exim, the worst of which\n    leading to remote execution of arbitrary code with root privileges.","references":[{"reference_url":"ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.70"},{"reference_url":"http://atmail.com/blog/2010/atmail-6204-now-available/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://atmail.com/blog/2010/atmail-6204-now-available/"},{"reference_url":"http://bugs.exim.org/show_bug.cgi?id=787","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://bugs.exim.org/show_bug.cgi?id=787"},{"reference_url":"http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://git.exim.org/exim.git/commit/24c929a27415c7cfc7126c47e4cad39acf3efa6b"},{"reference_url":"http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://lists.exim.org/lurker/message/20101210.164935.385e04d0.en.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00003.html"},{"reference_url":"http://openwall.com/lists/oss-security/2010/12/10/1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://openwall.com/lists/oss-security/2010/12/10/1"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4344.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4344.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4344","reference_id":"","reference_type":"","scores":[{"value":"0.53064","scoring_system":"epss","scoring_elements":"0.97968","published_at":"2026-04-26T12:55:00Z"},{"value":"0.53064","scoring_system":"epss","scoring_elements":"0.97966","published_at":"2026-04-24T12:55:00Z"},{"value":"0.53064","scoring_system":"epss","scoring_elements":"0.97979","published_at":"2026-05-05T12:55:00Z"},{"value":"0.53064","scoring_system":"epss","scoring_elements":"0.97972","published_at":"2026-04-29T12:55:00Z"},{"value":"0.61461","scoring_system":"epss","scoring_elements":"0.98312","published_at":"2026-04-01T12:55:00Z"},{"value":"0.61461","scoring_system":"epss","scoring_elements":"0.98314","published_at":"2026-04-02T12:55:00Z"},{"value":"0.61461","scoring_system":"epss","scoring_elements":"0.98317","published_at":"2026-04-04T12:55:00Z"},{"value":"0.61461","scoring_system":"epss","scoring_elements":"0.98319","published_at":"2026-04-07T12:55:00Z"},{"value":"0.61461","scoring_system":"epss","scoring_elements":"0.98324","published_at":"2026-04-08T12:55:00Z"},{"value":"0.61461","scoring_system":"epss","scoring_elements":"0.98325","published_at":"2026-04-09T12:55:00Z"},{"value":"0.61461","scoring_system":"epss","scoring_elements":"0.98328","published_at":"2026-04-13T12:55:00Z"},{"value":"0.61461","scoring_system":"epss","scoring_elements":"0.98333","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4344"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4344"},{"reference_url":"http://secunia.com/advisories/40019","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://secunia.com/advisories/40019"},{"reference_url":"http://secunia.com/advisories/42576","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://secunia.com/advisories/42576"},{"reference_url":"http://secunia.com/advisories/42586","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://secunia.com/advisories/42586"},{"reference_url":"http://secunia.com/advisories/42587","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://secunia.com/advisories/42587"},{"reference_url":"http://secunia.com/advisories/42589","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://secunia.com/advisories/42589"},{"reference_url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4344","reference_id":"","reference_type":"","scores":[],"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2010-4344"},{"reference_url":"http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.cpanel.net/2010/12/exim-remote-memory-corruption-vulnerability-notification-cve-2010-4344.html"},{"reference_url":"http://www.debian.org/security/2010/dsa-2131","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.debian.org/security/2010/dsa-2131"},{"reference_url":"http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.exim.org/lurker/message/20101207.215955.bb32d4f2.en.html"},{"reference_url":"http://www.kb.cert.org/vuls/id/682457","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.kb.cert.org/vuls/id/682457"},{"reference_url":"http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.metasploit.com/modules/exploit/unix/smtp/exim4_string_format"},{"reference_url":"http://www.openwall.com/lists/oss-security/2021/05/04/7","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.openwall.com/lists/oss-security/2021/05/04/7"},{"reference_url":"http://www.osvdb.org/69685","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.osvdb.org/69685"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2010-0970.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2010-0970.html"},{"reference_url":"http://www.securityfocus.com/archive/1/515172/100/0/threaded","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.securityfocus.com/archive/1/515172/100/0/threaded"},{"reference_url":"http://www.securityfocus.com/bid/45308","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.securityfocus.com/bid/45308"},{"reference_url":"http://www.securitytracker.com/id?1024858","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.securitytracker.com/id?1024858"},{"reference_url":"http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.theregister.co.uk/2010/12/11/exim_code_execution_peril/"},{"reference_url":"http://www.ubuntu.com/usn/USN-1032-1","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.ubuntu.com/usn/USN-1032-1"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3171","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3171"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3172","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3172"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3181","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3181"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3186","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3186"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3204","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3204"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3246","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3246"},{"reference_url":"http://www.vupen.com/english/advisories/2010/3317","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"http://www.vupen.com/english/advisories/2010/3317"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606612","reference_id":"606612","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606612"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=661756","reference_id":"661756","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Act","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:23:46Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=661756"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:exim:exim:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4344","reference_id":"CVE-2010-4344","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:C/I:C/A:C"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-4344"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/15725.pl","reference_id":"CVE-2010-4344;OSVDB-69685","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/15725.pl"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16925.rb","reference_id":"CVE-2010-4345;CVE-2010-4344;OSVDB-69685","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/16925.rb"},{"reference_url":"https://security.gentoo.org/glsa/201401-32","reference_id":"GLSA-201401-32","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-32"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0970","reference_id":"RHSA-2010:0970","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0970"},{"reference_url":"https://usn.ubuntu.com/1032-1/","reference_id":"USN-1032-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1032-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586010?format=json","purl":"pkg:deb/debian/exim4@4.70-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.70-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2010-4344"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ynbw-8a6a-sug8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48312?format=json","vulnerability_id":"VCID-yytq-tcvz-43dq","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13917.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13917.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13917","reference_id":"","reference_type":"","scores":[{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95415","published_at":"2026-04-01T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95424","published_at":"2026-04-02T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.9543","published_at":"2026-04-04T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95434","published_at":"2026-04-07T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95441","published_at":"2026-04-08T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95443","published_at":"2026-04-09T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95448","published_at":"2026-04-12T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.9545","published_at":"2026-04-13T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95459","published_at":"2026-04-16T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95464","published_at":"2026-04-18T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95468","published_at":"2026-04-21T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.95469","published_at":"2026-04-29T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.9547","published_at":"2026-04-26T12:55:00Z"},{"value":"0.19865","scoring_system":"epss","scoring_elements":"0.9548","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13917"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1731412","reference_id":"1731412","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1731412"},{"reference_url":"https://security.archlinux.org/ASA-201908-4","reference_id":"ASA-201908-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201908-4"},{"reference_url":"https://security.archlinux.org/AVG-1011","reference_id":"AVG-1011","reference_type":"","scores":[{"value":"Critical","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1011"},{"reference_url":"https://security.gentoo.org/glsa/201909-06","reference_id":"GLSA-201909-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-06"},{"reference_url":"https://usn.ubuntu.com/4075-1/","reference_id":"USN-4075-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4075-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/586071?format=json","purl":"pkg:deb/debian/exim4@4.92-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.92-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2019-13917"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yytq-tcvz-43dq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/45529?format=json","vulnerability_id":"VCID-z51d-zdeq-suas","summary":"Multiple vulnerabilities have been found in Exim, the worst of\n    which allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28024","reference_id":"","reference_type":"","scores":[{"value":"0.04033","scoring_system":"epss","scoring_elements":"0.88446","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04033","scoring_system":"epss","scoring_elements":"0.88462","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04033","scoring_system":"epss","scoring_elements":"0.88438","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88952","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88964","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88958","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88957","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.8897","published_at":"2026-04-16T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88968","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88981","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88989","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88996","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04361","scoring_system":"epss","scoring_elements":"0.88947","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28017"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28019"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28021"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28023"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28024"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28026"},{"reference_url":"https://security.archlinux.org/AVG-1911","reference_id":"AVG-1911","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1911"},{"reference_url":"https://security.gentoo.org/glsa/202105-01","reference_id":"GLSA-202105-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202105-01"},{"reference_url":"https://usn.ubuntu.com/4934-1/","reference_id":"USN-4934-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-1/"},{"reference_url":"https://usn.ubuntu.com/4934-2/","reference_id":"USN-4934-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4934-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583054?format=json","purl":"pkg:deb/debian/exim4@4.94.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582229?format=json","purl":"pkg:deb/debian/exim4@4.94.2-7%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.94.2-7%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582230?format=json","purl":"pkg:deb/debian/exim4@4.96-15%2Bdeb12u7?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.96-15%252Bdeb12u7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582231?format=json","purl":"pkg:deb/debian/exim4@4.98.2-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.98.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582232?format=json","purl":"pkg:deb/debian/exim4@4.99.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-gdsh-48ys-33ew"},{"vulnerability":"VCID-huhp-241r-jbf6"},{"vulnerability":"VCID-hy1a-tah2-27gq"},{"vulnerability":"VCID-ry9v-ge65-sqbb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081514?format=json","purl":"pkg:deb/debian/exim4@4.99.1-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.1-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1088665?format=json","purl":"pkg:deb/debian/exim4@4.99.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}],"aliases":["CVE-2020-28024"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z51d-zdeq-suas"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/exim4@4.99.2-1%3Fdistro=trixie"}