{"url":"http://public2.vulnerablecode.io/api/packages/130206?format=json","purl":"pkg:rpm/redhat/openssh@3.6.1p2-33.30?arch=9","type":"rpm","namespace":"redhat","name":"openssh","version":"3.6.1p2-33.30","qualifiers":{"arch":"9"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60697?format=json","vulnerability_id":"VCID-rwzw-vrhk-sqfw","summary":"A flaw in OpenSSH and Dropbear allows local users to elevate their\n    privileges via scp.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0225.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0225.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0225","reference_id":"","reference_type":"","scores":[{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26035","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26119","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25996","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26047","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26057","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26011","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25952","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25957","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25938","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25908","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25844","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25838","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25791","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2568","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0225"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0225"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=168167","reference_id":"168167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=168167"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349645","reference_id":"349645","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349645"},{"reference_url":"https://security.gentoo.org/glsa/200602-11","reference_id":"GLSA-200602-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200602-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0044","reference_id":"RHSA-2006:0044","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0044"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0298","reference_id":"RHSA-2006:0298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0698","reference_id":"RHSA-2006:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0698"},{"reference_url":"https://usn.ubuntu.com/255-1/","reference_id":"USN-255-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/255-1/"}],"fixed_packages":[],"aliases":["CVE-2006-0225"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rwzw-vrhk-sqfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/89677?format=json","vulnerability_id":"VCID-wx7h-g53d-67eh","summary":"security flaw","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0386.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0386.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0386","reference_id":"","reference_type":"","scores":[{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92869","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92877","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.9288","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92878","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92886","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92891","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92896","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92894","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92895","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92905","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92907","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92913","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92916","published_at":"2026-04-24T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92918","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92914","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09637","scoring_system":"epss","scoring_elements":"0.92922","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0386"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0386","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0386"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617024","reference_id":"1617024","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0298","reference_id":"RHSA-2006:0298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0698","reference_id":"RHSA-2006:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0698"}],"fixed_packages":[],"aliases":["CVE-2003-0386"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wx7h-g53d-67eh"}],"fixing_vulnerabilities":[],"risk_score":"0.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openssh@3.6.1p2-33.30%3Farch=9"}