{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","type":"deb","namespace":"debian","name":"unzip","version":"6.0-26+deb11u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"6.0-27","latest_non_vulnerable_version":"6.0-29","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7043?format=json","vulnerability_id":"VCID-61ys-wpcv-bqfd","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13232.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13232.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13232","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14993","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14971","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.15029","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14946","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.15078","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.15069","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13232"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727761","reference_id":"1727761","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1727761"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931433","reference_id":"931433","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931433"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://security.gentoo.org/glsa/202003-58","reference_id":"GLSA-202003-58","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-58"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1181","reference_id":"RHSA-2020:1181","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1787","reference_id":"RHSA-2020:1787","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1787"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2486","reference_id":"RHSA-2020:2486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2486"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133510?format=json","purl":"pkg:deb/debian/unzip@6.0-24?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-24%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2019-13232"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-61ys-wpcv-bqfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103398?format=json","vulnerability_id":"VCID-6w38-c83a-9fgx","summary":"Buffer overflow in UnZip 5.50 and earlier allows user-assisted attackers to execute arbitrary code via a long filename command line argument.  NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4667.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4667.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4667","reference_id":"","reference_type":"","scores":[{"value":"0.03134","scoring_system":"epss","scoring_elements":"0.87117","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03134","scoring_system":"epss","scoring_elements":"0.87139","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03134","scoring_system":"epss","scoring_elements":"0.87137","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03134","scoring_system":"epss","scoring_elements":"0.87132","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03134","scoring_system":"epss","scoring_elements":"0.87128","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03134","scoring_system":"epss","scoring_elements":"0.87138","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4667"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4667","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4667"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617861","reference_id":"1617861","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617861"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349794","reference_id":"349794","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=349794"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26913.c","reference_id":"CVE-2005-4667;OSVDB-22400","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26913.c"},{"reference_url":"https://www.securityfocus.com/bid/15968/info","reference_id":"CVE-2005-4667;OSVDB-22400","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/15968/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0203","reference_id":"RHSA-2007:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0203"},{"reference_url":"https://usn.ubuntu.com/248-1/","reference_id":"USN-248-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/248-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133500?format=json","purl":"pkg:deb/debian/unzip@5.52-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.52-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2005-4667"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6w38-c83a-9fgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103404?format=json","vulnerability_id":"VCID-7j9m-a4s1-q7ek","summary":"Buffer overflow in the charset_to_intern function in unix/unix.c in Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code via a crafted string, as demonstrated by converting a string from CP866 to UTF-8.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1315.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1315.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1315","reference_id":"","reference_type":"","scores":[{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93422","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93434","published_at":"2026-06-05T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93435","published_at":"2026-06-06T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93433","published_at":"2026-06-08T12:55:00Z"},{"value":"0.1061","scoring_system":"epss","scoring_elements":"0.93441","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1315"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1192603","reference_id":"1192603","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1192603"},{"reference_url":"https://usn.ubuntu.com/2502-1/","reference_id":"USN-2502-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2502-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133506?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2015-1315"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7j9m-a4s1-q7ek"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103408?format=json","vulnerability_id":"VCID-7pkp-ate8-uuan","summary":"A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000031.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000031.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000031","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66874","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66914","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66922","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66907","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66891","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66909","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000031"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537059","reference_id":"1537059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537059"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133506?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000031"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pkp-ate8-uuan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103395?format=json","vulnerability_id":"VCID-aycd-m3ad-pbcs","summary":"Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0602.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0602","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34225","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34324","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.3434","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34305","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34262","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34283","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0602"},{"reference_url":"https://usn.ubuntu.com/159-1/","reference_id":"USN-159-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/159-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133498?format=json","purl":"pkg:deb/debian/unzip@5.52-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.52-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2005-0602"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aycd-m3ad-pbcs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103411?format=json","vulnerability_id":"VCID-cw7d-geqh-4ybg","summary":"An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000034.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000034.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000034","reference_id":"","reference_type":"","scores":[{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59608","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59659","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59662","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59653","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59633","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00377","scoring_system":"epss","scoring_elements":"0.59652","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000034"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1543333","reference_id":"1543333","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1543333"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133506?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000034"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cw7d-geqh-4ybg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7046?format=json","vulnerability_id":"VCID-eh5k-xz8h-1ufr","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9844.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9844","reference_id":"","reference_type":"","scores":[{"value":"0.09788","scoring_system":"epss","scoring_elements":"0.93103","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09788","scoring_system":"epss","scoring_elements":"0.93116","published_at":"2026-06-09T12:55:00Z"},{"value":"0.09788","scoring_system":"epss","scoring_elements":"0.93109","published_at":"2026-06-07T12:55:00Z"},{"value":"0.09788","scoring_system":"epss","scoring_elements":"0.93107","published_at":"2026-06-08T12:55:00Z"},{"value":"0.09788","scoring_system":"epss","scoring_elements":"0.93113","published_at":"2026-06-05T12:55:00Z"},{"value":"0.09788","scoring_system":"epss","scoring_elements":"0.93112","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-9844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9844"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401864","reference_id":"1401864","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401864"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847486","reference_id":"847486","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847486"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133505?format=json","purl":"pkg:deb/debian/unzip@6.0-21?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-21%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2016-9844"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eh5k-xz8h-1ufr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103413?format=json","vulnerability_id":"VCID-fujt-c3dx-xyaq","summary":"A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0529.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0529","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47615","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.4768","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47681","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47663","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47634","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47646","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355","reference_id":"1010355","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051402","reference_id":"2051402","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051402"},{"reference_url":"https://security.gentoo.org/glsa/202310-17","reference_id":"GLSA-202310-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-17"},{"reference_url":"https://usn.ubuntu.com/5673-1/","reference_id":"USN-5673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5673-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133511?format=json","purl":"pkg:deb/debian/unzip@6.0-27?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-27%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2022-0529"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fujt-c3dx-xyaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103403?format=json","vulnerability_id":"VCID-k658-w9mb-tyfq","summary":"unzip 6.0 allows remote attackers to cause a denial of service (out-of-bounds read or write and crash) via an extra field with an uncompressed size smaller than the compressed field size in a zip archive that advertises STORED method compression.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9636.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9636.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9636","reference_id":"","reference_type":"","scores":[{"value":"0.58381","scoring_system":"epss","scoring_elements":"0.98232","published_at":"2026-06-04T12:55:00Z"},{"value":"0.58381","scoring_system":"epss","scoring_elements":"0.98234","published_at":"2026-06-07T12:55:00Z"},{"value":"0.58381","scoring_system":"epss","scoring_elements":"0.98235","published_at":"2026-06-08T12:55:00Z"},{"value":"0.58381","scoring_system":"epss","scoring_elements":"0.98233","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9636"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9636"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1184985","reference_id":"1184985","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1184985"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776589","reference_id":"776589","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776589"},{"reference_url":"https://security.gentoo.org/glsa/201611-01","reference_id":"GLSA-201611-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0700","reference_id":"RHSA-2015:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0700"},{"reference_url":"https://usn.ubuntu.com/2489-1/","reference_id":"USN-2489-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2489-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133504?format=json","purl":"pkg:deb/debian/unzip@6.0-15?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-15%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-9636"],"risk_score":0.2,"exploitability":"0.5","weighted_severity":"0.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k658-w9mb-tyfq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103401?format=json","vulnerability_id":"VCID-kst5-hvc6-6ugy","summary":"Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8140.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8140.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8140","reference_id":"","reference_type":"","scores":[{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93109","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93121","published_at":"2026-06-05T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93119","published_at":"2026-06-06T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93116","published_at":"2026-06-07T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93114","published_at":"2026-06-08T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93123","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174851","reference_id":"1174851","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174851"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722","reference_id":"773722","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722"},{"reference_url":"https://security.gentoo.org/glsa/201611-01","reference_id":"GLSA-201611-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0700","reference_id":"RHSA-2015:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0700"},{"reference_url":"https://usn.ubuntu.com/2472-1/","reference_id":"USN-2472-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2472-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133503?format=json","purl":"pkg:deb/debian/unzip@6.0-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-8140"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kst5-hvc6-6ugy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103400?format=json","vulnerability_id":"VCID-myfq-v13h-yue6","summary":"Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8139.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8139.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8139","reference_id":"","reference_type":"","scores":[{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93109","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93121","published_at":"2026-06-05T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93119","published_at":"2026-06-06T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93116","published_at":"2026-06-07T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93114","published_at":"2026-06-08T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93123","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174844","reference_id":"1174844","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174844"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722","reference_id":"773722","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722"},{"reference_url":"https://security.gentoo.org/glsa/201611-01","reference_id":"GLSA-201611-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0700","reference_id":"RHSA-2015:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0700"},{"reference_url":"https://usn.ubuntu.com/2472-1/","reference_id":"USN-2472-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2472-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133502?format=json","purl":"pkg:deb/debian/unzip@6.0-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-8139"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-myfq-v13h-yue6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103410?format=json","vulnerability_id":"VCID-prba-qfju-17ey","summary":"An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000033.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000033.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000033","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66886","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66926","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66935","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66919","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66903","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66921","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000033"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537062","reference_id":"1537062","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537062"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133506?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000033"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-prba-qfju-17ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103409?format=json","vulnerability_id":"VCID-s3um-dzvw-uyf6","summary":"A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000032.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000032.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000032","reference_id":"","reference_type":"","scores":[{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66874","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66914","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66922","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66907","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66891","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00513","scoring_system":"epss","scoring_elements":"0.66909","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000032"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537055","reference_id":"1537055","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537055"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133506?format=json","purl":"pkg:deb/debian/unzip@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000032"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3um-dzvw-uyf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103397?format=json","vulnerability_id":"VCID-ubjw-aejr-wfbh","summary":"Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2475.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2475.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2475","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.2325","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23332","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23317","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23272","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23218","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23222","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2475"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2475","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2475"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617723","reference_id":"1617723","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617723"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321927","reference_id":"321927","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=321927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0203","reference_id":"RHSA-2007:0203","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0203"},{"reference_url":"https://usn.ubuntu.com/191-1/","reference_id":"USN-191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/191-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133499?format=json","purl":"pkg:deb/debian/unzip@5.52-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.52-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2005-2475"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ubjw-aejr-wfbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7044?format=json","vulnerability_id":"VCID-udur-gyyp-mkce","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18384.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18384.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18384","reference_id":"","reference_type":"","scores":[{"value":"0.03223","scoring_system":"epss","scoring_elements":"0.87292","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03223","scoring_system":"epss","scoring_elements":"0.87318","published_at":"2026-06-09T12:55:00Z"},{"value":"0.03223","scoring_system":"epss","scoring_elements":"0.87309","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03223","scoring_system":"epss","scoring_elements":"0.87306","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03223","scoring_system":"epss","scoring_elements":"0.87314","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03223","scoring_system":"epss","scoring_elements":"0.87312","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18384","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18384"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642931","reference_id":"1642931","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1642931"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741384","reference_id":"741384","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741384"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2159","reference_id":"RHSA-2019:2159","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2159"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133509?format=json","purl":"pkg:deb/debian/unzip@6.0-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-18384"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-udur-gyyp-mkce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7045?format=json","vulnerability_id":"VCID-uf4b-432j-p3hu","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000035.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000035","reference_id":"","reference_type":"","scores":[{"value":"0.63564","scoring_system":"epss","scoring_elements":"0.98434","published_at":"2026-06-04T12:55:00Z"},{"value":"0.63564","scoring_system":"epss","scoring_elements":"0.98435","published_at":"2026-06-09T12:55:00Z"},{"value":"0.63564","scoring_system":"epss","scoring_elements":"0.98439","published_at":"2026-06-06T12:55:00Z"},{"value":"0.63564","scoring_system":"epss","scoring_elements":"0.98438","published_at":"2026-06-07T12:55:00Z"},{"value":"0.63564","scoring_system":"epss","scoring_elements":"0.98437","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1000035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000035"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537043","reference_id":"1537043","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1537043"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838","reference_id":"889838","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=889838"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://security.gentoo.org/glsa/202003-58","reference_id":"GLSA-202003-58","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-58"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133508?format=json","purl":"pkg:deb/debian/unzip@6.0-22?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-22%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2018-1000035"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uf4b-432j-p3hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103406?format=json","vulnerability_id":"VCID-ug2y-pd7y-17hz","summary":"Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (infinite loop) via empty bzip2 data in a ZIP archive.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7697.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7697.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7697","reference_id":"","reference_type":"","scores":[{"value":"0.33036","scoring_system":"epss","scoring_elements":"0.96987","published_at":"2026-06-04T12:55:00Z"},{"value":"0.33036","scoring_system":"epss","scoring_elements":"0.96991","published_at":"2026-06-05T12:55:00Z"},{"value":"0.33036","scoring_system":"epss","scoring_elements":"0.96994","published_at":"2026-06-06T12:55:00Z"},{"value":"0.33036","scoring_system":"epss","scoring_elements":"0.96996","published_at":"2026-06-07T12:55:00Z"},{"value":"0.33036","scoring_system":"epss","scoring_elements":"0.96995","published_at":"2026-06-08T12:55:00Z"},{"value":"0.33036","scoring_system":"epss","scoring_elements":"0.96998","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7697"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1260944","reference_id":"1260944","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1260944"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802160","reference_id":"802160","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802160"},{"reference_url":"https://usn.ubuntu.com/2788-1/","reference_id":"USN-2788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133507?format=json","purl":"pkg:deb/debian/unzip@6.0-19?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-19%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2015-7697"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ug2y-pd7y-17hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103399?format=json","vulnerability_id":"VCID-va2g-sbj9-cub6","summary":"The NEEDBITS macro in the inflate_dynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0888.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0888.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0888","reference_id":"","reference_type":"","scores":[{"value":"0.16321","scoring_system":"epss","scoring_elements":"0.94985","published_at":"2026-06-08T12:55:00Z"},{"value":"0.16321","scoring_system":"epss","scoring_elements":"0.9499","published_at":"2026-06-09T12:55:00Z"},{"value":"0.1904","scoring_system":"epss","scoring_elements":"0.95452","published_at":"2026-06-04T12:55:00Z"},{"value":"0.1904","scoring_system":"epss","scoring_elements":"0.9546","published_at":"2026-06-05T12:55:00Z"},{"value":"0.1904","scoring_system":"epss","scoring_elements":"0.95462","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0888"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0888"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=431438","reference_id":"431438","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=431438"},{"reference_url":"https://security.gentoo.org/glsa/200804-06","reference_id":"GLSA-200804-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200804-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0196","reference_id":"RHSA-2008:0196","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0196"},{"reference_url":"https://usn.ubuntu.com/589-1/","reference_id":"USN-589-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/589-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133501?format=json","purl":"pkg:deb/debian/unzip@5.52-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.52-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2008-0888"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-va2g-sbj9-cub6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103394?format=json","vulnerability_id":"VCID-vqkg-3fej-fqgc","summary":"Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a \"..\" sequence.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0282.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0282.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0282","reference_id":"","reference_type":"","scores":[{"value":"0.21129","scoring_system":"epss","scoring_elements":"0.95767","published_at":"2026-06-04T12:55:00Z"},{"value":"0.21129","scoring_system":"epss","scoring_elements":"0.95772","published_at":"2026-06-05T12:55:00Z"},{"value":"0.21129","scoring_system":"epss","scoring_elements":"0.95775","published_at":"2026-06-06T12:55:00Z"},{"value":"0.21129","scoring_system":"epss","scoring_elements":"0.95776","published_at":"2026-06-08T12:55:00Z"},{"value":"0.21129","scoring_system":"epss","scoring_elements":"0.9578","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0282","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0282"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617015","reference_id":"1617015","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617015"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22584.txt","reference_id":"CVE-2003-0282;OSVDB-2168","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22584.txt"},{"reference_url":"https://www.securityfocus.com/bid/7550/info","reference_id":"CVE-2003-0282;OSVDB-2168","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7550/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:199","reference_id":"RHSA-2003:199","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:199"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:200","reference_id":"RHSA-2003:200","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:200"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:218","reference_id":"RHSA-2003:218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:218"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133495?format=json","purl":"pkg:deb/debian/unzip@5.50-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@5.50-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2003-0282"],"risk_score":0.4,"exploitability":"2.0","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vqkg-3fej-fqgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103402?format=json","vulnerability_id":"VCID-wz9z-wubj-ffg6","summary":"Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8141.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8141.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8141","reference_id":"","reference_type":"","scores":[{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93109","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93121","published_at":"2026-06-05T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93119","published_at":"2026-06-06T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93116","published_at":"2026-06-07T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93114","published_at":"2026-06-08T12:55:00Z"},{"value":"0.09808","scoring_system":"epss","scoring_elements":"0.93123","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8141"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8139"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8140"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8141"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174856","reference_id":"1174856","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174856"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722","reference_id":"773722","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773722"},{"reference_url":"https://security.gentoo.org/glsa/201611-01","reference_id":"GLSA-201611-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0700","reference_id":"RHSA-2015:0700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0700"},{"reference_url":"https://usn.ubuntu.com/2472-1/","reference_id":"USN-2472-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2472-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133503?format=json","purl":"pkg:deb/debian/unzip@6.0-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-8141"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wz9z-wubj-ffg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103405?format=json","vulnerability_id":"VCID-yeh3-f39z-2khj","summary":"Info-ZIP UnZip 6.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) or possibly execute arbitrary code via a crafted password-protected ZIP archive, possibly related to an Extra-Field size value.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7696.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7696.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7696","reference_id":"","reference_type":"","scores":[{"value":"0.34932","scoring_system":"epss","scoring_elements":"0.97115","published_at":"2026-06-04T12:55:00Z"},{"value":"0.34932","scoring_system":"epss","scoring_elements":"0.97118","published_at":"2026-06-05T12:55:00Z"},{"value":"0.34932","scoring_system":"epss","scoring_elements":"0.97119","published_at":"2026-06-06T12:55:00Z"},{"value":"0.34932","scoring_system":"epss","scoring_elements":"0.97122","published_at":"2026-06-08T12:55:00Z"},{"value":"0.34932","scoring_system":"epss","scoring_elements":"0.97125","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7696"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1260944","reference_id":"1260944","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1260944"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802162","reference_id":"802162","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=802162"},{"reference_url":"https://usn.ubuntu.com/2788-1/","reference_id":"USN-2788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133507?format=json","purl":"pkg:deb/debian/unzip@6.0-19?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-19%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2015-7696"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yeh3-f39z-2khj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/103414?format=json","vulnerability_id":"VCID-yham-89ue-zkcu","summary":"A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0530.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0530.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0530","reference_id":"","reference_type":"","scores":[{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36927","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37018","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.37025","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36991","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36952","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00163","scoring_system":"epss","scoring_elements":"0.36966","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-0530"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0529"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0530"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355","reference_id":"1010355","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010355"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051395","reference_id":"2051395","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2051395"},{"reference_url":"https://security.gentoo.org/glsa/202310-17","reference_id":"GLSA-202310-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202310-17"},{"reference_url":"https://usn.ubuntu.com/5673-1/","reference_id":"USN-5673-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5673-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133511?format=json","purl":"pkg:deb/debian/unzip@6.0-27?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-27%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2022-0530"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yham-89ue-zkcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7047?format=json","vulnerability_id":"VCID-zzw3-avu4-wqa8","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9913.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9913.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9913","reference_id":"","reference_type":"","scores":[{"value":"0.0459","scoring_system":"epss","scoring_elements":"0.89435","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0459","scoring_system":"epss","scoring_elements":"0.89418","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0459","scoring_system":"epss","scoring_elements":"0.89453","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0459","scoring_system":"epss","scoring_elements":"0.89436","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9913"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401865","reference_id":"1401865","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1401865"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847485","reference_id":"847485","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847485"},{"reference_url":"https://security.archlinux.org/AVG-611","reference_id":"AVG-611","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-611"},{"reference_url":"https://usn.ubuntu.com/4672-1/","reference_id":"USN-4672-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4672-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/133505?format=json","purl":"pkg:deb/debian/unzip@6.0-21?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-21%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133496?format=json","purl":"pkg:deb/debian/unzip@6.0-26%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133494?format=json","purl":"pkg:deb/debian/unzip@6.0-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/133497?format=json","purl":"pkg:deb/debian/unzip@6.0-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-29%3Fdistro=trixie"}],"aliases":["CVE-2014-9913"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zzw3-avu4-wqa8"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/unzip@6.0-26%252Bdeb11u1%3Fdistro=trixie"}