{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","type":"deb","namespace":"debian","name":"net-snmp","version":"5.9.5.2+dfsg-2.1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94544?format=json","vulnerability_id":"VCID-2frr-t9hf-c7aa","summary":"The net-snmp package in OpenBSD through 5.8 uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8100","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33023","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33127","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33141","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33103","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33071","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.3309","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8100"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117708?format=json","purl":"pkg:deb/debian/net-snmp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2015-8100"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2frr-t9hf-c7aa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69483?format=json","vulnerability_id":"VCID-2wkm-6tte-tuf6","summary":"net-snmp: buffer overflow via a specially crafted packet can cause a crash in snmptrapd","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68615.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68615.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68615","reference_id":"","reference_type":"","scores":[{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69703","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69716","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69724","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00594","scoring_system":"epss","scoring_elements":"0.69714","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-68615"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68615","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68615"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123861","reference_id":"1123861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123861"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424618","reference_id":"2424618","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2424618"},{"reference_url":"https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq","reference_id":"GHSA-4389-rwqf-q9gq","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-30T12:39:09Z/"}],"url":"https://github.com/net-snmp/net-snmp/security/advisories/GHSA-4389-rwqf-q9gq"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0668","reference_id":"RHSA-2026:0668","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0668"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0696","reference_id":"RHSA-2026:0696","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0696"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0750","reference_id":"RHSA-2026:0750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0750"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0810","reference_id":"RHSA-2026:0810","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0810"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0812","reference_id":"RHSA-2026:0812","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0812"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0813","reference_id":"RHSA-2026:0813","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0814","reference_id":"RHSA-2026:0814","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0814"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0815","reference_id":"RHSA-2026:0815","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0850","reference_id":"RHSA-2026:0850","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0850"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0851","reference_id":"RHSA-2026:0851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0852","reference_id":"RHSA-2026:0852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0853","reference_id":"RHSA-2026:0853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0926","reference_id":"RHSA-2026:0926","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0926"},{"reference_url":"https://usn.ubuntu.com/7944-1/","reference_id":"USN-7944-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7944-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117743?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117744?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2025-68615"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2wkm-6tte-tuf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94533?format=json","vulnerability_id":"VCID-344n-xwyp-g7df","summary":"agent/snmp_agent.c in snmpd in net-snmp 5.0.9 in Red Hat Enterprise Linux (RHEL) 3 allows remote attackers to cause a denial of service (daemon crash) via a crafted SNMP GETBULK request that triggers a divide-by-zero error.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-4309.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1887.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1887.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1887","reference_id":"","reference_type":"","scores":[{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72438","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72479","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72487","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72467","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72453","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00703","scoring_system":"epss","scoring_elements":"0.72477","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1887"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=506903","reference_id":"506903","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=506903"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:1124","reference_id":"RHSA-2009:1124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:1124"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117708?format=json","purl":"pkg:deb/debian/net-snmp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2009-1887"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-344n-xwyp-g7df"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94536?format=json","vulnerability_id":"VCID-35wd-a76s-7kb7","summary":"The Linux implementation of the ICMP-MIB in Net-SNMP 5.5 before 5.5.2.1, 5.6.x before 5.6.2.1, and 5.7.x before 5.7.2.1 does not properly validate input, which allows remote attackers to cause a denial of service via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2284.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2284.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2284","reference_id":"","reference_type":"","scores":[{"value":"0.04307","scoring_system":"epss","scoring_elements":"0.89067","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04307","scoring_system":"epss","scoring_elements":"0.89084","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04307","scoring_system":"epss","scoring_elements":"0.89085","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04307","scoring_system":"epss","scoring_elements":"0.89101","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1070396","reference_id":"1070396","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1070396"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742817","reference_id":"742817","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742817"},{"reference_url":"https://security.gentoo.org/glsa/201409-02","reference_id":"GLSA-201409-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201409-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0321","reference_id":"RHSA-2014:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0321"},{"reference_url":"https://usn.ubuntu.com/2166-1/","reference_id":"USN-2166-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2166-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117719?format=json","purl":"pkg:deb/debian/net-snmp@5.7.2.1~dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.2.1~dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2014-2284"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35wd-a76s-7kb7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94551?format=json","vulnerability_id":"VCID-3k27-p9uy-57gy","summary":"Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15862.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15862","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30152","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30227","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30191","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3016","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3013","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30145","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15862"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15862"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873038","reference_id":"1873038","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1873038"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965166","reference_id":"965166","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965166"},{"reference_url":"https://security.gentoo.org/glsa/202008-12","reference_id":"GLSA-202008-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5129","reference_id":"RHSA-2020:5129","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5201","reference_id":"RHSA-2020:5201","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5350","reference_id":"RHSA-2020:5350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5372","reference_id":"RHSA-2020:5372","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5372"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5420","reference_id":"RHSA-2020:5420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5480","reference_id":"RHSA-2020:5480","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5480"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0257","reference_id":"RHSA-2021:0257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0358","reference_id":"RHSA-2021:0358","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0358"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:0525","reference_id":"RHSA-2021:0525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:0525"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117732?format=json","purl":"pkg:deb/debian/net-snmp@5.8%2Bdfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.8%252Bdfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2020-15862"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3k27-p9uy-57gy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94553?format=json","vulnerability_id":"VCID-4b47-4p5x-47ab","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of             `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24805.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24805.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24805","reference_id":"","reference_type":"","scores":[{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52598","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52643","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52658","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52665","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.52647","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00289","scoring_system":"epss","scoring_elements":"0.5262","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103225","reference_id":"2103225","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2103225"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_id":"67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105238","reference_id":"show_bug.cgi?id=2105238","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:41:49Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105238"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117733?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2022-24805"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4b47-4p5x-47ab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94561?format=json","vulnerability_id":"VCID-4qmk-t8qs-kkbp","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-only credentials can use a malformed OID in a `GET-NEXT` to the `nsVacmAccessTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24809.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24809.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24809","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33068","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33134","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33171","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33185","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33146","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33114","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104766","reference_id":"2104766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104766"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105242","reference_id":"show_bug.cgi?id=2105242","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:11:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105242"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117733?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2022-24809"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4qmk-t8qs-kkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94532?format=json","vulnerability_id":"VCID-5fqz-fm3u-vfcx","summary":"The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to \"source/destination IP address confusion.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-6123.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-6123.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-6123","reference_id":"","reference_type":"","scores":[{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.706","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.70643","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.70651","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.70634","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.70622","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00627","scoring_system":"epss","scoring_elements":"0.70644","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-6123"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6123","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-6123"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=485211","reference_id":"485211","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=485211"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516801","reference_id":"516801","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=516801"},{"reference_url":"https://security.gentoo.org/glsa/201001-05","reference_id":"GLSA-201001-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201001-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2009:0295","reference_id":"RHSA-2009:0295","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2009:0295"},{"reference_url":"https://usn.ubuntu.com/946-1/","reference_id":"USN-946-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/946-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117717?format=json","purl":"pkg:deb/debian/net-snmp@5.4.3~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.4.3~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2008-6123"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5fqz-fm3u-vfcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94547?format=json","vulnerability_id":"VCID-71rk-jshh-63h8","summary":"net-snmp before 5.8.1.pre1 has a double free in usm_free_usmStateReference in snmplib/snmpusm.c via an SNMPv3 GetBulk request. NOTE: this affects net-snmp packages shipped to end users by multiple Linux distributions, but might not affect an upstream release.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20892.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20892.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20892","reference_id":"","reference_type":"","scores":[{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75244","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75274","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75277","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75269","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.75255","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0085","scoring_system":"epss","scoring_elements":"0.7528","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-20892"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20892","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20892"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851145","reference_id":"1851145","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1851145"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963713","reference_id":"963713","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963713"},{"reference_url":"https://security.gentoo.org/glsa/202008-12","reference_id":"GLSA-202008-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202008-12"},{"reference_url":"https://usn.ubuntu.com/4410-1/","reference_id":"USN-4410-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4410-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117728?format=json","purl":"pkg:deb/debian/net-snmp@5.8%2Bdfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.8%252Bdfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2019-20892"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-71rk-jshh-63h8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94545?format=json","vulnerability_id":"VCID-87du-mz64-u7ar","summary":"NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000116.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000116","reference_id":"","reference_type":"","scores":[{"value":"0.05493","scoring_system":"epss","scoring_elements":"0.90382","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05493","scoring_system":"epss","scoring_elements":"0.90397","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05493","scoring_system":"epss","scoring_elements":"0.90394","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05493","scoring_system":"epss","scoring_elements":"0.9041","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000116"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552844","reference_id":"1552844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1552844"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894110","reference_id":"894110","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894110"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1636","reference_id":"RHSA-2015:1636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1636"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117722?format=json","purl":"pkg:deb/debian/net-snmp@5.7.3%2Bdfsg-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.3%252Bdfsg-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2018-1000116"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-87du-mz64-u7ar"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94526?format=json","vulnerability_id":"VCID-8xph-r4cn-3bad","summary":"SNMPv3 HMAC verification in (1) Net-SNMP 5.2.x before 5.2.4.1, 5.3.x before 5.3.2.1, and 5.4.x before 5.4.1.1; (2) UCD-SNMP; (3) eCos; (4) Juniper Session and Resource Control (SRC) C-series 1.0.0 through 2.0.0; (5) NetApp (aka Network Appliance) Data ONTAP 7.3RC1 and 7.3RC2; (6) SNMP Research before 16.2; (7) multiple Cisco IOS, CatOS, ACE, and Nexus products; (8) Ingate Firewall 3.1.0 and later and SIParator 3.1.0 and later; (9) HP OpenView SNMP Emanate Master Agent 15.x; and possibly other products relies on the client to specify the HMAC length, which makes it easier for remote attackers to bypass SNMP authentication via a length value of 1, which only checks the first byte.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0960.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0960.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0960","reference_id":"","reference_type":"","scores":[{"value":"0.23493","scoring_system":"epss","scoring_elements":"0.96073","published_at":"2026-06-04T12:55:00Z"},{"value":"0.23493","scoring_system":"epss","scoring_elements":"0.96077","published_at":"2026-06-05T12:55:00Z"},{"value":"0.23493","scoring_system":"epss","scoring_elements":"0.96081","published_at":"2026-06-06T12:55:00Z"},{"value":"0.23493","scoring_system":"epss","scoring_elements":"0.96082","published_at":"2026-06-08T12:55:00Z"},{"value":"0.23493","scoring_system":"epss","scoring_elements":"0.96087","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0960"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=447974","reference_id":"447974","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=447974"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485945","reference_id":"485945","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485945"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/5790.txt","reference_id":"CVE-2008-0960;OSVDB-98737;OSVDB-55442;OSVDB-55248;OSVDB-46669;OSVDB-46276;OSVDB-46102;OSVDB-46088;OSVDB-46086;OSVDB-46060;OSVDB-46059","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/5790.txt"},{"reference_url":"https://security.gentoo.org/glsa/200808-02","reference_id":"GLSA-200808-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200808-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0528","reference_id":"RHSA-2008:0528","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0529","reference_id":"RHSA-2008:0529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0529"},{"reference_url":"https://usn.ubuntu.com/685-1/","reference_id":"USN-685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/685-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117713?format=json","purl":"pkg:deb/debian/net-snmp@5.4.1~dfsg-8.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.4.1~dfsg-8.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2008-0960"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xph-r4cn-3bad"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94521?format=json","vulnerability_id":"VCID-a44d-35gg-c7hz","summary":"snmp_api.c in snmpd in Net-SNMP 5.2.x before 5.2.2, 5.1.x before 5.1.3, and 5.0.x before 5.0.10.2, when running in master agentx mode, allows remote attackers to cause a denial of service (crash) by causing a particular TCP disconnect, which triggers a free of an incorrect variable, a different vulnerability than CVE-2005-2177.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4837.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4837","reference_id":"","reference_type":"","scores":[{"value":"0.04608","scoring_system":"epss","scoring_elements":"0.89439","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04608","scoring_system":"epss","scoring_elements":"0.89458","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04608","scoring_system":"epss","scoring_elements":"0.89457","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04608","scoring_system":"epss","scoring_elements":"0.89456","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04608","scoring_system":"epss","scoring_elements":"0.89474","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4837"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617865","reference_id":"1617865","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:373","reference_id":"RHSA-2005:373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:395","reference_id":"RHSA-2005:395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:395"},{"reference_url":"https://usn.ubuntu.com/456-1/","reference_id":"USN-456-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/456-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117711?format=json","purl":"pkg:deb/debian/net-snmp@5.2.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.2.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2005-4837"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a44d-35gg-c7hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94564?format=json","vulnerability_id":"VCID-auyd-s48r-3bhe","summary":"handle_ipDefaultTTL in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.8 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker (who has write access) to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44792.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44792.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44792","reference_id":"","reference_type":"","scores":[{"value":"0.01941","scoring_system":"epss","scoring_elements":"0.83758","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01941","scoring_system":"epss","scoring_elements":"0.8377","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01941","scoring_system":"epss","scoring_elements":"0.83782","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01941","scoring_system":"epss","scoring_elements":"0.83783","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01941","scoring_system":"epss","scoring_elements":"0.83778","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44792"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44792","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44792"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024020","reference_id":"1024020","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024020"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141897","reference_id":"2141897","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141897"},{"reference_url":"https://github.com/net-snmp/net-snmp/issues/474","reference_id":"474","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:39Z/"}],"url":"https://github.com/net-snmp/net-snmp/issues/474"},{"reference_url":"https://gist.github.com/menglong2234/b7bc13ae1a144f47cc3c95a7ea062428","reference_id":"b7bc13ae1a144f47cc3c95a7ea062428","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:39Z/"}],"url":"https://gist.github.com/menglong2234/b7bc13ae1a144f47cc3c95a7ea062428"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:39Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230223-0011/","reference_id":"ntap-20230223-0011","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230223-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2444","reference_id":"RHSA-2023:2444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2969","reference_id":"RHSA-2023:2969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2969"},{"reference_url":"https://usn.ubuntu.com/5795-1/","reference_id":"USN-5795-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117740?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117738?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2022-44792"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-auyd-s48r-3bhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94554?format=json","vulnerability_id":"VCID-cnbd-s5qc-wkbh","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can exploit an Improper Input Validation vulnerability when SETing malformed OIDs in master agent and subagent simultaneously. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24806.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24806","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3686","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36899","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36952","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36958","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36924","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36886","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104759","reference_id":"2104759","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104759"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-18T15:50:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117733?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2022-24806"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cnbd-s5qc-wkbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94548?format=json","vulnerability_id":"VCID-e5tv-rfqr-afes","summary":"Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15861.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15861.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15861","reference_id":"","reference_type":"","scores":[{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.6304","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63086","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63084","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63092","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63082","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00433","scoring_system":"epss","scoring_elements":"0.63069","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-15861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15861","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15861"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15862","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15862"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/net-snmp/net-snmp/issues/145","reference_id":"145","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T18:23:07Z/"}],"url":"https://github.com/net-snmp/net-snmp/issues/145"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1862469","reference_id":"1862469","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1862469"},{"reference_url":"https://usn.ubuntu.com/4471-1/","reference_id":"4471-1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T18:23:07Z/"}],"url":"https://usn.ubuntu.com/4471-1/"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/4fd9a450444a434a993bc72f7c3486ccce41f602","reference_id":"4fd9a450444a434a993bc72f7c3486ccce41f602","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T18:23:07Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/4fd9a450444a434a993bc72f7c3486ccce41f602"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966599","reference_id":"966599","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T18:23:07Z/"}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966599"},{"reference_url":"https://security.gentoo.org/glsa/202008-12","reference_id":"GLSA-202008-12","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T18:23:07Z/"}],"url":"https://security.gentoo.org/glsa/202008-12"},{"reference_url":"https://security.netapp.com/advisory/ntap-20200904-0001/","reference_id":"ntap-20200904-0001","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T18:23:07Z/"}],"url":"https://security.netapp.com/advisory/ntap-20200904-0001/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117731?format=json","purl":"pkg:deb/debian/net-snmp@5.8%2Bdfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.8%252Bdfsg-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2020-15861"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e5tv-rfqr-afes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94523?format=json","vulnerability_id":"VCID-ebwy-9dp6-c3cf","summary":"Unspecified vulnerability in Net-SNMP 5.3 before 5.3.0.1, when configured using the rocommunity or rouser snmpd.conf tokens, causes Net-SNMP to grant write access to users or communities that only have read-only access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6305.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-6305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-6305","reference_id":"","reference_type":"","scores":[{"value":"0.00774","scoring_system":"epss","scoring_elements":"0.73952","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00774","scoring_system":"epss","scoring_elements":"0.73985","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00774","scoring_system":"epss","scoring_elements":"0.73989","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00774","scoring_system":"epss","scoring_elements":"0.73975","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00774","scoring_system":"epss","scoring_elements":"0.73958","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-6305"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117708?format=json","purl":"pkg:deb/debian/net-snmp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2006-6305"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ebwy-9dp6-c3cf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94538?format=json","vulnerability_id":"VCID-etp4-vgqg-kfdk","summary":"The perl_trapd_handler function in perl/TrapReceiver/TrapReceiver.xs in Net-SNMP 5.7.3.pre3 and earlier, when using certain Perl versions, allows remote attackers to cause a denial of service (snmptrapd crash) via an empty community string in an SNMP trap, which triggers a NULL pointer dereference within the newSVpv function in Perl.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2285.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2285.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2285","reference_id":"","reference_type":"","scores":[{"value":"0.03332","scoring_system":"epss","scoring_elements":"0.87515","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03332","scoring_system":"epss","scoring_elements":"0.87537","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03332","scoring_system":"epss","scoring_elements":"0.87535","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03332","scoring_system":"epss","scoring_elements":"0.87534","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03332","scoring_system":"epss","scoring_elements":"0.87532","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03332","scoring_system":"epss","scoring_elements":"0.87544","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2285","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2285"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072778","reference_id":"1072778","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072778"},{"reference_url":"https://security.gentoo.org/glsa/201409-02","reference_id":"GLSA-201409-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201409-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0322","reference_id":"RHSA-2014:0322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0322"},{"reference_url":"https://usn.ubuntu.com/2166-1/","reference_id":"USN-2166-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2166-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117719?format=json","purl":"pkg:deb/debian/net-snmp@5.7.2.1~dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.2.1~dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2014-2285"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-etp4-vgqg-kfdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94524?format=json","vulnerability_id":"VCID-g8tr-4qhs-83dw","summary":"The SNMP agent (snmp_agent.c) in net-snmp before 5.4.1 allows remote attackers to cause a denial of service (CPU and memory consumption) via a GETBULK request with a large max-repeaters value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5846.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5846.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5846","reference_id":"","reference_type":"","scores":[{"value":"0.15357","scoring_system":"epss","scoring_elements":"0.94761","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15357","scoring_system":"epss","scoring_elements":"0.9477","published_at":"2026-06-05T12:55:00Z"},{"value":"0.15357","scoring_system":"epss","scoring_elements":"0.94772","published_at":"2026-06-06T12:55:00Z"},{"value":"0.15357","scoring_system":"epss","scoring_elements":"0.94773","published_at":"2026-06-08T12:55:00Z"},{"value":"0.15357","scoring_system":"epss","scoring_elements":"0.94778","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5846"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5846","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5846"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=363631","reference_id":"363631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=363631"},{"reference_url":"https://security.gentoo.org/glsa/200711-31","reference_id":"GLSA-200711-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:1045","reference_id":"RHSA-2007:1045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:1045"},{"reference_url":"https://usn.ubuntu.com/564-1/","reference_id":"USN-564-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/564-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117712?format=json","purl":"pkg:deb/debian/net-snmp@5.4.1~dfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.4.1~dfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2007-5846"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g8tr-4qhs-83dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94559?format=json","vulnerability_id":"VCID-gu7f-b733-pfew","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a `SET` request to `NET-SNMP-AGENT-MIB::nsLogTable` to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24808.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24808.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24808","reference_id":"","reference_type":"","scores":[{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45396","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45437","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45465","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45469","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45449","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00226","scoring_system":"epss","scoring_elements":"0.45424","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104768","reference_id":"2104768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104768"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_id":"67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105240","reference_id":"show_bug.cgi?id=2105240","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:23:10Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105240"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117733?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2022-24808"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gu7f-b733-pfew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94539?format=json","vulnerability_id":"VCID-k2rt-7qke-ukb1","summary":"The AgentX subagent in Net-SNMP before 5.4.4 allows remote attackers to cause a denial of service (hang) by sending a multi-object request with an Object ID (OID) containing more subids than previous requests, a different vulnerability than CVE-2012-6151.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2310.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2310.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2310","reference_id":"","reference_type":"","scores":[{"value":"0.01147","scoring_system":"epss","scoring_elements":"0.78806","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01147","scoring_system":"epss","scoring_elements":"0.78833","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01147","scoring_system":"epss","scoring_elements":"0.7884","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01147","scoring_system":"epss","scoring_elements":"0.7883","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01147","scoring_system":"epss","scoring_elements":"0.7882","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01147","scoring_system":"epss","scoring_elements":"0.78837","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2310"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2310","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2310"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1074631","reference_id":"1074631","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1074631"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388","reference_id":"684388","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684388"},{"reference_url":"https://usn.ubuntu.com/2166-1/","reference_id":"USN-2166-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2166-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117720?format=json","purl":"pkg:deb/debian/net-snmp@5.7.2~dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.2~dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2014-2310"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k2rt-7qke-ukb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94565?format=json","vulnerability_id":"VCID-k63m-qvyh-aucf","summary":"handle_ipv6IpForwarding in agent/mibgroup/ip-mib/ip_scalars.c in Net-SNMP 5.4.3 through 5.9.3 has a NULL Pointer Exception bug that can be used by a remote attacker to cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44793.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44793.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44793","reference_id":"","reference_type":"","scores":[{"value":"0.01438","scoring_system":"epss","scoring_elements":"0.81049","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01438","scoring_system":"epss","scoring_elements":"0.81092","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01438","scoring_system":"epss","scoring_elements":"0.81077","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01438","scoring_system":"epss","scoring_elements":"0.81081","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01438","scoring_system":"epss","scoring_elements":"0.81078","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01438","scoring_system":"epss","scoring_elements":"0.81074","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-44793"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44793","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44793"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024020","reference_id":"1024020","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1024020"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141898","reference_id":"2141898","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2141898"},{"reference_url":"https://github.com/net-snmp/net-snmp/issues/475","reference_id":"475","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:38Z/"}],"url":"https://github.com/net-snmp/net-snmp/issues/475"},{"reference_url":"https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f","reference_id":"d07a65b5028145c9f4e1d1db8c4c202f","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:38Z/"}],"url":"https://gist.github.com/menglong2234/d07a65b5028145c9f4e1d1db8c4c202f"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html","reference_id":"msg00010.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:38Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/01/msg00010.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230223-0011/","reference_id":"ntap-20230223-0011","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:38Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230223-0011/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2444","reference_id":"RHSA-2023:2444","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2444"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2969","reference_id":"RHSA-2023:2969","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2969"},{"reference_url":"https://usn.ubuntu.com/5795-1/","reference_id":"USN-5795-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117740?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117738?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2022-44793"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k63m-qvyh-aucf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94514?format=json","vulnerability_id":"VCID-keds-md4n-j3dj","summary":"The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1170.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1170.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1170","reference_id":"","reference_type":"","scores":[{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.7986","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79885","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79891","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79886","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79874","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79893","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1170"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1170","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1170"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616855","reference_id":"1616855","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616855"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:228","reference_id":"RHSA-2002:228","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:228"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117703?format=json","purl":"pkg:deb/debian/net-snmp@5.0.6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.0.6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2002-1170"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-keds-md4n-j3dj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94541?format=json","vulnerability_id":"VCID-kgt5-xy9g-ffeg","summary":"snmplib/mib.c in net-snmp 5.7.0 and earlier, when the -OQ option is used, allows remote attackers to cause a denial of service (snmptrapd crash) via a crafted SNMP trap message, which triggers a conversion to the variable type designated in the MIB file, as demonstrated by a NULL type in an ifMtu trap message.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3565.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3565.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3565","reference_id":"","reference_type":"","scores":[{"value":"0.07498","scoring_system":"epss","scoring_elements":"0.91928","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07498","scoring_system":"epss","scoring_elements":"0.9194","published_at":"2026-06-08T12:55:00Z"},{"value":"0.07498","scoring_system":"epss","scoring_elements":"0.91942","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07498","scoring_system":"epss","scoring_elements":"0.91939","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07498","scoring_system":"epss","scoring_elements":"0.91954","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3565"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3565"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1125155","reference_id":"1125155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1125155"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760132","reference_id":"760132","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760132"},{"reference_url":"https://security.gentoo.org/glsa/201507-17","reference_id":"GLSA-201507-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-17"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1385","reference_id":"RHSA-2015:1385","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1385"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2345","reference_id":"RHSA-2015:2345","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2345"},{"reference_url":"https://usn.ubuntu.com/2711-1/","reference_id":"USN-2711-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2711-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117721?format=json","purl":"pkg:deb/debian/net-snmp@5.7.2.1~dfsg-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.2.1~dfsg-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2014-3565"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgt5-xy9g-ffeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94515?format=json","vulnerability_id":"VCID-ma9t-kghr-3qhb","summary":"Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0935.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0935","reference_id":"","reference_type":"","scores":[{"value":"0.00862","scoring_system":"epss","scoring_elements":"0.75431","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00862","scoring_system":"epss","scoring_elements":"0.75461","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00862","scoring_system":"epss","scoring_elements":"0.75465","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00862","scoring_system":"epss","scoring_elements":"0.75455","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00862","scoring_system":"epss","scoring_elements":"0.75442","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00862","scoring_system":"epss","scoring_elements":"0.75467","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0935"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617103","reference_id":"1617103","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617103"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:335","reference_id":"RHSA-2003:335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:023","reference_id":"RHSA-2004:023","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:023"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117707?format=json","purl":"pkg:deb/debian/net-snmp@5.0.9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.0.9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2003-0935"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ma9t-kghr-3qhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94518?format=json","vulnerability_id":"VCID-n6ja-tper-7fb4","summary":"Net-SNMP 5.0.x before 5.0.10.2, 5.2.x before 5.2.1.2, and 5.1.3, when net-snmp is using stream sockets such as TCP, allows remote attackers to cause a denial of service (daemon hang and CPU consumption) via a TCP packet of length 1, which triggers an infinite loop.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2177.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2177.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2177","reference_id":"","reference_type":"","scores":[{"value":"0.11098","scoring_system":"epss","scoring_elements":"0.93602","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11098","scoring_system":"epss","scoring_elements":"0.93612","published_at":"2026-06-06T12:55:00Z"},{"value":"0.11098","scoring_system":"epss","scoring_elements":"0.93611","published_at":"2026-06-07T12:55:00Z"},{"value":"0.11098","scoring_system":"epss","scoring_elements":"0.9361","published_at":"2026-06-08T12:55:00Z"},{"value":"0.11098","scoring_system":"epss","scoring_elements":"0.93617","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2177"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2177"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617692","reference_id":"1617692","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617692"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318420","reference_id":"318420","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:373","reference_id":"RHSA-2005:373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:395","reference_id":"RHSA-2005:395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:395"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:720","reference_id":"RHSA-2005:720","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:720"},{"reference_url":"https://usn.ubuntu.com/190-1/","reference_id":"USN-190-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/190-1/"},{"reference_url":"https://usn.ubuntu.com/190-2/","reference_id":"USN-190-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/190-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117709?format=json","purl":"pkg:deb/debian/net-snmp@5.2.1.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.2.1.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2005-2177"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n6ja-tper-7fb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94562?format=json","vulnerability_id":"VCID-nwg6-5jgz-33bj","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a user with read-write credentials can use a malformed OID in a SET to the nsVacmAccessTable to cause a NULL pointer dereference. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24810.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24810.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24810","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34213","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34271","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34313","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34328","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34293","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34251","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24810"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104769","reference_id":"2104769","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104769"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105241","reference_id":"show_bug.cgi?id=2105241","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:37:22Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105241"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117733?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2022-24810"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwg6-5jgz-33bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6234?format=json","vulnerability_id":"VCID-p1bw-tx3f-33c5","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5621.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5621.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5621","reference_id":"","reference_type":"","scores":[{"value":"0.17699","scoring_system":"epss","scoring_elements":"0.95243","published_at":"2026-06-05T12:55:00Z"},{"value":"0.17699","scoring_system":"epss","scoring_elements":"0.95245","published_at":"2026-06-06T12:55:00Z"},{"value":"0.17699","scoring_system":"epss","scoring_elements":"0.95236","published_at":"2026-06-04T12:55:00Z"},{"value":"0.17699","scoring_system":"epss","scoring_elements":"0.9525","published_at":"2026-06-09T12:55:00Z"},{"value":"0.17699","scoring_system":"epss","scoring_elements":"0.95246","published_at":"2026-06-08T12:55:00Z"},{"value":"0.17699","scoring_system":"epss","scoring_elements":"0.95248","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000116"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/04/13/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/04/13/1"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/07/31/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/07/31/1"},{"reference_url":"http://www.securitytracker.com/id/1033304","reference_id":"1033304","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://www.securitytracker.com/id/1033304"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1212408","reference_id":"1212408","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1212408"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/04/16/15","reference_id":"15","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/04/16/15"},{"reference_url":"https://sourceforge.net/p/net-snmp/bugs/2615/","reference_id":"2615","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"https://sourceforge.net/p/net-snmp/bugs/2615/"},{"reference_url":"https://www.exploit-db.com/exploits/45547/","reference_id":"45547","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"https://www.exploit-db.com/exploits/45547/"},{"reference_url":"http://www.securityfocus.com/bid/76380","reference_id":"76380","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://www.securityfocus.com/bid/76380"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788964","reference_id":"788964","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=788964"},{"reference_url":"https://security.archlinux.org/ASA-201810-11","reference_id":"ASA-201810-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201810-11"},{"reference_url":"https://security.archlinux.org/AVG-777","reference_id":"AVG-777","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-777"},{"reference_url":"http://support.citrix.com/article/CTX209443","reference_id":"CTX209443","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://support.citrix.com/article/CTX209443"},{"reference_url":"https://dumpco.re/blog/net-snmp-5.7.3-remote-dos","reference_id":"CVE-2018-18065;CVE-2015-5621","reference_type":"exploit","scores":[],"url":"https://dumpco.re/blog/net-snmp-5.7.3-remote-dos"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45547.txt","reference_id":"CVE-2018-18065;CVE-2015-5621","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/45547.txt"},{"reference_url":"https://www.debian.org/security/2018/dsa-4154","reference_id":"dsa-4154","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"https://www.debian.org/security/2018/dsa-4154"},{"reference_url":"http://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/","reference_id":"f23bcd3ac6ddee5d0a48f9703007ccc738914791","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00004.html","reference_id":"msg00004.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2015-09/msg00004.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1636","reference_id":"RHSA-2015:1636","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1636"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1636.html","reference_id":"RHSA-2015-1636.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1636.html"},{"reference_url":"https://cert-portal.siemens.com/productcert/pdf/ssa-978220.pdf","reference_id":"ssa-978220.pdf","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"https://cert-portal.siemens.com/productcert/pdf/ssa-978220.pdf"},{"reference_url":"https://usn.ubuntu.com/2711-1/","reference_id":"USN-2711-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2711-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2711-1","reference_id":"USN-2711-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-04T17:20:51Z/"}],"url":"http://www.ubuntu.com/usn/USN-2711-1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117722?format=json","purl":"pkg:deb/debian/net-snmp@5.7.3%2Bdfsg-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.3%252Bdfsg-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2015-5621"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1bw-tx3f-33c5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94517?format=json","vulnerability_id":"VCID-pfv6-g4st-2kg9","summary":"fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1740.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-1740.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1740","reference_id":"","reference_type":"","scores":[{"value":"0.02536","scoring_system":"epss","scoring_elements":"0.85727","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02536","scoring_system":"epss","scoring_elements":"0.85749","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02536","scoring_system":"epss","scoring_elements":"0.85752","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02536","scoring_system":"epss","scoring_elements":"0.85748","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02536","scoring_system":"epss","scoring_elements":"0.85732","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02536","scoring_system":"epss","scoring_elements":"0.85746","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-1740"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617663","reference_id":"1617663","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617663"},{"reference_url":"https://security.gentoo.org/glsa/200505-18","reference_id":"GLSA-200505-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200505-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:373","reference_id":"RHSA-2005:373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:395","reference_id":"RHSA-2005:395","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:395"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117708?format=json","purl":"pkg:deb/debian/net-snmp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2005-1740"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pfv6-g4st-2kg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94534?format=json","vulnerability_id":"VCID-q1zz-z3qj-wbgz","summary":"Array index error in the handle_nsExtendOutput2Table function in agent/mibgroup/agent/extend.c in Net-SNMP 5.7.1 allows remote authenticated users to cause a denial of service (out-of-bounds read and snmpd crash) via an SNMP GET request for an entry not in the extension table.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2141.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2141.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2141","reference_id":"","reference_type":"","scores":[{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79873","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79898","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79904","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79899","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79888","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01274","scoring_system":"epss","scoring_elements":"0.79907","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-2141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2141"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672492","reference_id":"672492","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=672492"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=815813","reference_id":"815813","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=815813"},{"reference_url":"https://security.gentoo.org/glsa/201409-02","reference_id":"GLSA-201409-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201409-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0876","reference_id":"RHSA-2012:0876","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0876"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0124","reference_id":"RHSA-2013:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0124"},{"reference_url":"https://usn.ubuntu.com/1450-1/","reference_id":"USN-1450-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1450-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117718?format=json","purl":"pkg:deb/debian/net-snmp@5.4.3~dfsg-2.5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.4.3~dfsg-2.5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2012-2141"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1zz-z3qj-wbgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94530?format=json","vulnerability_id":"VCID-qpd4-g4sb-ybe8","summary":"Integer overflow in the netsnmp_create_subtree_cache function in agent/snmp_agent.c in net-snmp 5.4 before 5.4.2.1, 5.3 before 5.3.2.3, and 5.2 before 5.2.5.1 allows remote attackers to cause a denial of service (crash) via a crafted SNMP GETBULK request, which triggers a heap-based buffer overflow,  related to the number of responses or repeats.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4309.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-4309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4309","reference_id":"","reference_type":"","scores":[{"value":"0.11399","scoring_system":"epss","scoring_elements":"0.93703","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11399","scoring_system":"epss","scoring_elements":"0.93718","published_at":"2026-06-09T12:55:00Z"},{"value":"0.11399","scoring_system":"epss","scoring_elements":"0.93711","published_at":"2026-06-08T12:55:00Z"},{"value":"0.11399","scoring_system":"epss","scoring_elements":"0.93712","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-4309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4309"},{"reference_url":"http://www.vupen.com/english/advisories/2009/0301","reference_id":"0301","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.vupen.com/english/advisories/2009/0301"},{"reference_url":"http://www.openwall.com/lists/oss-security/2008/10/31/1","reference_id":"1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.openwall.com/lists/oss-security/2008/10/31/1"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1297","reference_id":"1297","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.vupen.com/english/advisories/2009/1297"},{"reference_url":"http://www.vupen.com/english/advisories/2009/1771","reference_id":"1771","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.vupen.com/english/advisories/2009/1771"},{"reference_url":"http://www.vupen.com/english/advisories/2008/2973","reference_id":"2973","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.vupen.com/english/advisories/2008/2973"},{"reference_url":"http://www.securityfocus.com/bid/32020","reference_id":"32020","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.securityfocus.com/bid/32020"},{"reference_url":"http://secunia.com/advisories/32539","reference_id":"32539","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/32539"},{"reference_url":"http://secunia.com/advisories/32560","reference_id":"32560","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/32560"},{"reference_url":"http://secunia.com/advisories/32664","reference_id":"32664","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/32664"},{"reference_url":"http://secunia.com/advisories/32711","reference_id":"32711","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/32711"},{"reference_url":"http://secunia.com/advisories/33003","reference_id":"33003","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/33003"},{"reference_url":"http://secunia.com/advisories/33095","reference_id":"33095","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/33095"},{"reference_url":"http://secunia.com/advisories/33631","reference_id":"33631","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/33631"},{"reference_url":"http://secunia.com/advisories/33746","reference_id":"33746","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/33746"},{"reference_url":"http://secunia.com/advisories/33821","reference_id":"33821","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/33821"},{"reference_url":"http://www.vupen.com/english/advisories/2008/3400","reference_id":"3400","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.vupen.com/english/advisories/2008/3400"},{"reference_url":"http://secunia.com/advisories/35074","reference_id":"35074","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/35074"},{"reference_url":"http://secunia.com/advisories/35679","reference_id":"35679","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://secunia.com/advisories/35679"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46262","reference_id":"46262","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46262"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=469349","reference_id":"469349","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=469349"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504150","reference_id":"504150","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504150"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:225","reference_id":"advisories?name=MDVSA-2008:225","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2008:225"},{"reference_url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315","reference_id":"Advisories:rPSA-2008-0315","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0315"},{"reference_url":"http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm","reference_id":"ASA-2008-467.htm","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-467.htm"},{"reference_url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-262908-1","reference_id":"document.do?assetkey=1-26-262908-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-26-262908-1"},{"reference_url":"http://www.debian.org/security/2008/dsa-1663","reference_id":"dsa-1663","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.debian.org/security/2008/dsa-1663"},{"reference_url":"http://sourceforge.net/forum/forum.php?forum_id=882903","reference_id":"forum.php?forum_id=882903","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://sourceforge.net/forum/forum.php?forum_id=882903"},{"reference_url":"https://security.gentoo.org/glsa/200901-15","reference_id":"GLSA-200901-15","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200901-15"},{"reference_url":"http://security.gentoo.org/glsa/glsa-200901-15.xml","reference_id":"glsa-200901-15.xml","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://security.gentoo.org/glsa/glsa-200901-15.xml"},{"reference_url":"http://support.apple.com/kb/HT3549","reference_id":"HT3549","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://support.apple.com/kb/HT3549"},{"reference_url":"http://support.apple.com/kb/HT4298","reference_id":"HT4298","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://support.apple.com/kb/HT4298"},{"reference_url":"http://www.securitytracker.com/id?1021129","reference_id":"id?1021129","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.securitytracker.com/id?1021129"},{"reference_url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2","reference_id":"?l=bugtraq&m=125017764422557&w=2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html","reference_id":"msg00000.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00000.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://lists.apple.com/archives/security-announce/2010//Dec/msg00001.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html","reference_id":"msg00002.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://lists.apple.com/archives/security-announce/2009/May/msg00002.html"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6171","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A6171","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6171"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6353","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A6353","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6353"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9860","reference_id":"oval%3Aorg.mitre.oval%3Adef%3A9860","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9860"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0971","reference_id":"RHSA-2008:0971","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0971"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2008-0971.html","reference_id":"RHSA-2008-0971.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.redhat.com/support/errata/RHSA-2008-0971.html"},{"reference_url":"http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272","reference_id":"snmp_agent.c?r1=17271&r2=17272&pathrev=17272","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://net-snmp.svn.sourceforge.net/viewvc/net-snmp/tags/Ext-5-2-5-1/net-snmp/agent/snmp_agent.c?r1=17271&r2=17272&pathrev=17272"},{"reference_url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html","reference_id":"TA09-133A.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.us-cert.gov/cas/techalerts/TA09-133A.html"},{"reference_url":"http://www.securityfocus.com/archive/1/498280/100/0/threaded","reference_id":"threaded","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.securityfocus.com/archive/1/498280/100/0/threaded"},{"reference_url":"http://www.ubuntu.com/usn/usn-685-1","reference_id":"usn-685-1","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.ubuntu.com/usn/usn-685-1"},{"reference_url":"https://usn.ubuntu.com/685-1/","reference_id":"USN-685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/685-1/"},{"reference_url":"http://www.vmware.com/security/advisories/VMSA-2009-0001.html","reference_id":"VMSA-2009-0001.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-05-28T18:05:54Z/"}],"url":"http://www.vmware.com/security/advisories/VMSA-2009-0001.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117716?format=json","purl":"pkg:deb/debian/net-snmp@5.4.1~dfsg-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.4.1~dfsg-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2008-4309"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qpd4-g4sb-ybe8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94528?format=json","vulnerability_id":"VCID-quue-91c4-mugd","summary":"Buffer overflow in the __snprint_value function in snmp_get in Net-SNMP 5.1.4, 5.2.4, and 5.4.1, as used in SNMP.xs for Perl, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large OCTETSTRING in an attribute value pair (AVP).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2292.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2292.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2292","reference_id":"","reference_type":"","scores":[{"value":"0.15213","scoring_system":"epss","scoring_elements":"0.94734","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15213","scoring_system":"epss","scoring_elements":"0.94743","published_at":"2026-06-05T12:55:00Z"},{"value":"0.15213","scoring_system":"epss","scoring_elements":"0.94744","published_at":"2026-06-06T12:55:00Z"},{"value":"0.15213","scoring_system":"epss","scoring_elements":"0.94746","published_at":"2026-06-07T12:55:00Z"},{"value":"0.26552","scoring_system":"epss","scoring_elements":"0.96438","published_at":"2026-06-08T12:55:00Z"},{"value":"0.26552","scoring_system":"epss","scoring_elements":"0.96444","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-2292"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=447262","reference_id":"447262","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=447262"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482333","reference_id":"482333","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482333"},{"reference_url":"https://security.gentoo.org/glsa/200808-02","reference_id":"GLSA-200808-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200808-02"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/7100.pl","reference_id":"OSVDB-45136;CVE-2008-2292","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/7100.pl"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0529","reference_id":"RHSA-2008:0529","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0529"},{"reference_url":"https://usn.ubuntu.com/685-1/","reference_id":"USN-685-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/685-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117714?format=json","purl":"pkg:deb/debian/net-snmp@5.4.1~dfsg-8?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.4.1~dfsg-8%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2008-2292"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-quue-91c4-mugd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94520?format=json","vulnerability_id":"VCID-rr8q-t2v8-2fc1","summary":"Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DT_RPATH, which could allow local users to gain privileges.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2811","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21251","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21331","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21317","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.2127","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21206","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21215","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2811"},{"reference_url":"https://security.gentoo.org/glsa/200509-05","reference_id":"GLSA-200509-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200509-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117708?format=json","purl":"pkg:deb/debian/net-snmp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2005-2811"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rr8q-t2v8-2fc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94516?format=json","vulnerability_id":"VCID-t43e-34e3-kyg8","summary":"Buffer overflow in snmpd in ucd-snmp 4.2.6 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -p command line argument.  NOTE: it is not clear whether there are any standard configurations in which snmpd is installed setuid or setgid. If not, then this issue should not be included in CVE.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2300.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-2300.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2300","reference_id":"","reference_type":"","scores":[{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48367","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.4843","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48435","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48416","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48387","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48399","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2300"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117708?format=json","purl":"pkg:deb/debian/net-snmp@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2004-2300"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t43e-34e3-kyg8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6233?format=json","vulnerability_id":"VCID-wrrt-x229-p7ea","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18065.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18065.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18065","reference_id":"","reference_type":"","scores":[{"value":"0.07337","scoring_system":"epss","scoring_elements":"0.91838","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07337","scoring_system":"epss","scoring_elements":"0.91862","published_at":"2026-06-09T12:55:00Z"},{"value":"0.07337","scoring_system":"epss","scoring_elements":"0.91849","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07337","scoring_system":"epss","scoring_elements":"0.91848","published_at":"2026-06-08T12:55:00Z"},{"value":"0.07337","scoring_system":"epss","scoring_elements":"0.9185","published_at":"2026-06-05T12:55:00Z"},{"value":"0.07337","scoring_system":"epss","scoring_elements":"0.91852","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18065"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18065","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18065"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1637570","reference_id":"1637570","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1637570"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910638","reference_id":"910638","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=910638"},{"reference_url":"https://security.archlinux.org/ASA-201810-11","reference_id":"ASA-201810-11","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201810-11"},{"reference_url":"https://security.archlinux.org/AVG-777","reference_id":"AVG-777","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-777"},{"reference_url":"https://usn.ubuntu.com/3792-1/","reference_id":"USN-3792-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3792-1/"},{"reference_url":"https://usn.ubuntu.com/3792-2/","reference_id":"USN-3792-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3792-2/"},{"reference_url":"https://usn.ubuntu.com/3792-3/","reference_id":"USN-3792-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3792-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117727?format=json","purl":"pkg:deb/debian/net-snmp@5.7.3%2Bdfsg-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.3%252Bdfsg-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2018-18065"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wrrt-x229-p7ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6228?format=json","vulnerability_id":"VCID-xhzc-jmrw-jye5","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18066.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18066.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18066","reference_id":"","reference_type":"","scores":[{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69615","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69569","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69594","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69606","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69616","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0059","scoring_system":"epss","scoring_elements":"0.69608","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18066"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18066","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18066"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1637572","reference_id":"1637572","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1637572"},{"reference_url":"https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/","reference_id":"7ffb8e25a0db851953155de91f0170e9bf8c457d","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:28Z/"}],"url":"https://sourceforge.net/p/net-snmp/code/ci/7ffb8e25a0db851953155de91f0170e9bf8c457d/"},{"reference_url":"https://security.archlinux.org/AVG-783","reference_id":"AVG-783","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-783"},{"reference_url":"https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/","reference_id":"f23bcd3ac6ddee5d0a48f9703007ccc738914791","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:28Z/"}],"url":"https://sourceforge.net/p/net-snmp/code/ci/f23bcd3ac6ddee5d0a48f9703007ccc738914791/"},{"reference_url":"https://security.netapp.com/advisory/ntap-20181107-0001/","reference_id":"ntap-20181107-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:30:28Z/"}],"url":"https://security.netapp.com/advisory/ntap-20181107-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1081","reference_id":"RHSA-2020:1081","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1081"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2539","reference_id":"RHSA-2020:2539","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2539"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117722?format=json","purl":"pkg:deb/debian/net-snmp@5.7.3%2Bdfsg-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.3%252Bdfsg-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2018-18066"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xhzc-jmrw-jye5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94535?format=json","vulnerability_id":"VCID-y6ew-mnbx-eygj","summary":"Net-SNMP 5.7.1 and earlier, when AgentX is registering to handle a MIB and processing GETNEXT requests, allows remote attackers to cause a denial of service (crash or infinite loop, CPU consumption, and hang) by causing the AgentX subagent to timeout.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6151.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6151.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6151","reference_id":"","reference_type":"","scores":[{"value":"0.27425","scoring_system":"epss","scoring_elements":"0.9651","published_at":"2026-06-04T12:55:00Z"},{"value":"0.27425","scoring_system":"epss","scoring_elements":"0.96513","published_at":"2026-06-05T12:55:00Z"},{"value":"0.27425","scoring_system":"epss","scoring_elements":"0.96517","published_at":"2026-06-08T12:55:00Z"},{"value":"0.27425","scoring_system":"epss","scoring_elements":"0.96522","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6151"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6151","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6151"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1038007","reference_id":"1038007","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1038007"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731625","reference_id":"731625","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731625"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/38854.sh","reference_id":"CVE-2012-6151;OSVDB-101547","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/38854.sh"},{"reference_url":"https://www.securityfocus.com/bid/64048/info","reference_id":"CVE-2012-6151;OSVDB-101547","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/64048/info"},{"reference_url":"https://security.gentoo.org/glsa/201409-02","reference_id":"GLSA-201409-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201409-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:0322","reference_id":"RHSA-2014:0322","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:0322"},{"reference_url":"https://usn.ubuntu.com/2166-1/","reference_id":"USN-2166-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2166-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117719?format=json","purl":"pkg:deb/debian/net-snmp@5.7.2.1~dfsg-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.7.2.1~dfsg-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2012-6151"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6ew-mnbx-eygj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94556?format=json","vulnerability_id":"VCID-zhtk-9nzm-qyhp","summary":"net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24807.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-24807.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24807","reference_id":"","reference_type":"","scores":[{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53564","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53594","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53622","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53631","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00299","scoring_system":"epss","scoring_elements":"0.53618","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24805"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24807"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24808"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24809"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24810"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139","reference_id":"1016139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016139"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104763","reference_id":"2104763","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2104763"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_id":"67ebb43e9038b2dae6e74ae8838b36fcc10fc937","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/67ebb43e9038b2dae6e74ae8838b36fcc10fc937"},{"reference_url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_id":"ce66eb97c17aa9a48bc079be7b65895266fa6775","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://github.com/net-snmp/net-snmp/commit/ce66eb97c17aa9a48bc079be7b65895266fa6775"},{"reference_url":"https://www.debian.org/security/2022/dsa-5209","reference_id":"dsa-5209","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://www.debian.org/security/2022/dsa-5209"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/","reference_id":"FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX75KKGMO5XMV6JMQZF6KOG3JPFNQBY7/"},{"reference_url":"https://security.gentoo.org/glsa/202210-29","reference_id":"GLSA-202210-29","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://security.gentoo.org/glsa/202210-29"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html","reference_id":"msg00020.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2022/08/msg00020.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7260","reference_id":"RHSA-2024:7260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:7875","reference_id":"RHSA-2024:7875","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:7875"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105239","reference_id":"show_bug.cgi?id=2105239","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T20:44:00Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2105239"},{"reference_url":"https://usn.ubuntu.com/5543-1/","reference_id":"USN-5543-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5543-1/"},{"reference_url":"https://usn.ubuntu.com/5795-2/","reference_id":"USN-5795-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5795-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/117704?format=json","purl":"pkg:deb/debian/net-snmp@5.9%2Bdfsg-4%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9%252Bdfsg-4%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117733?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117702?format=json","purl":"pkg:deb/debian/net-snmp@5.9.3%2Bdfsg-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.3%252Bdfsg-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117706?format=json","purl":"pkg:deb/debian/net-snmp@5.9.4%2Bdfsg-2%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.4%252Bdfsg-2%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/117705?format=json","purl":"pkg:deb/debian/net-snmp@5.9.5.2%2Bdfsg-2.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}],"aliases":["CVE-2022-24807"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhtk-9nzm-qyhp"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/net-snmp@5.9.5.2%252Bdfsg-2.1%3Fdistro=trixie"}