{"url":"http://public2.vulnerablecode.io/api/packages/115491?format=json","purl":"pkg:deb/debian/lurker@2.1-1?distro=bullseye","type":"deb","namespace":"debian","name":"lurker","version":"2.1-1","qualifiers":{"distro":"bullseye"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.3-6","latest_non_vulnerable_version":"2.3-6","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92498?format=json","vulnerability_id":"VCID-68d1-ry6b-fuen","summary":"Multiple cross-site scripting (XSS) vulnerabilities in Lurker 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1064","reference_id":"","reference_type":"","scores":[{"value":"0.00872","scoring_system":"epss","scoring_elements":"0.75581","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00872","scoring_system":"epss","scoring_elements":"0.75609","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00872","scoring_system":"epss","scoring_elements":"0.75613","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00872","scoring_system":"epss","scoring_elements":"0.75602","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00872","scoring_system":"epss","scoring_elements":"0.75589","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00872","scoring_system":"epss","scoring_elements":"0.75614","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1064"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115491?format=json","purl":"pkg:deb/debian/lurker@2.1-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lurker@2.1-1%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/115490?format=json","purl":"pkg:deb/debian/lurker@2.3-6?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lurker@2.3-6%3Fdistro=bullseye"}],"aliases":["CVE-2006-1064"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-68d1-ry6b-fuen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92496?format=json","vulnerability_id":"VCID-esg8-thdc-3ugh","summary":"Unspecified vulnerability in lurker.cgi for Lurker 2.0 and earlier allows attackers to read arbitrary files via unknown vectors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1062","reference_id":"","reference_type":"","scores":[{"value":"0.00946","scoring_system":"epss","scoring_elements":"0.76675","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00946","scoring_system":"epss","scoring_elements":"0.76704","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00946","scoring_system":"epss","scoring_elements":"0.76711","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00946","scoring_system":"epss","scoring_elements":"0.767","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00946","scoring_system":"epss","scoring_elements":"0.76689","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1062"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1062","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1062"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115491?format=json","purl":"pkg:deb/debian/lurker@2.1-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lurker@2.1-1%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/115490?format=json","purl":"pkg:deb/debian/lurker@2.3-6?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lurker@2.3-6%3Fdistro=bullseye"}],"aliases":["CVE-2006-1062"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-esg8-thdc-3ugh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/92497?format=json","vulnerability_id":"VCID-ubg4-qg5c-qffw","summary":"Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named \"mbox\".","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1063","reference_id":"","reference_type":"","scores":[{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.7718","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.77212","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.77222","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.7721","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.772","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00986","scoring_system":"epss","scoring_elements":"0.77221","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-1063"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1063","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1063"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115491?format=json","purl":"pkg:deb/debian/lurker@2.1-1?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lurker@2.1-1%3Fdistro=bullseye"},{"url":"http://public2.vulnerablecode.io/api/packages/115490?format=json","purl":"pkg:deb/debian/lurker@2.3-6?distro=bullseye","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lurker@2.3-6%3Fdistro=bullseye"}],"aliases":["CVE-2006-1063"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubg4-qg5c-qffw"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/lurker@2.1-1%3Fdistro=bullseye"}