{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","type":"deb","namespace":"debian","name":"ecryptfs-utils","version":"99-1+deb7u1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"111-4","latest_non_vulnerable_version":"111-4","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66429?format=json","vulnerability_id":"VCID-2tzn-dyv5-aqc9","summary":"eCryptfs 104 and earlier uses a default salt to encrypt the mount passphrase, which makes it easier for attackers to obtain user passwords via a brute force attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9687.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9687.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9687","reference_id":"","reference_type":"","scores":[{"value":"0.00518","scoring_system":"epss","scoring_elements":"0.67113","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00518","scoring_system":"epss","scoring_elements":"0.67155","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00518","scoring_system":"epss","scoring_elements":"0.67162","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00518","scoring_system":"epss","scoring_elements":"0.67146","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00518","scoring_system":"epss","scoring_elements":"0.6713","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9687"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9687","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9687"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1193091","reference_id":"1193091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1193091"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780385","reference_id":"780385","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780385"},{"reference_url":"https://usn.ubuntu.com/2524-1/","reference_id":"USN-2524-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2524-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/281751?format=json","purl":"pkg:deb/debian/ecryptfs-utils@103-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@103-5"}],"aliases":["CVE-2014-9687"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2tzn-dyv5-aqc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66431?format=json","vulnerability_id":"VCID-4av8-4nw7-dke1","summary":"mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1572.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1572.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1572","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16827","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16728","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16832","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16752","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16791","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16709","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1572"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1572","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1572"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:C/I:C/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1300594","reference_id":"1300594","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1300594"},{"reference_url":"https://usn.ubuntu.com/2876-1/","reference_id":"USN-2876-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2876-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/281752?format=json","purl":"pkg:deb/debian/ecryptfs-utils@103-5%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@103-5%252Bdeb8u1"},{"url":"http://public2.vulnerablecode.io/api/packages/549637?format=json","purl":"pkg:deb/debian/ecryptfs-utils@111-4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@111-4"}],"aliases":["CVE-2016-1572"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4av8-4nw7-dke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66430?format=json","vulnerability_id":"VCID-m6ax-5u2y-9ucs","summary":"ecryptfs-setup-swap in eCryptfs before 111 does not prevent the unencrypted swap partition from activating during boot when using GPT partitioning and certain versions of systemd, which allows local users to obtain sensitive information via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8946.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8946.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8946","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31137","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31205","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31127","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31172","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31104","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8946"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8946","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8946"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:H/Au:N/C:C/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1356825","reference_id":"1356825","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1356825"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/549637?format=json","purl":"pkg:deb/debian/ecryptfs-utils@111-4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@111-4"}],"aliases":["CVE-2015-8946"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m6ax-5u2y-9ucs"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66431?format=json","vulnerability_id":"VCID-4av8-4nw7-dke1","summary":"mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1572.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1572.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1572","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16827","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16728","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16832","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16752","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16791","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16709","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1572"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1572","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1572"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:C/I:C/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1300594","reference_id":"1300594","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1300594"},{"reference_url":"https://usn.ubuntu.com/2876-1/","reference_id":"USN-2876-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2876-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/281752?format=json","purl":"pkg:deb/debian/ecryptfs-utils@103-5%2Bdeb8u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@103-5%252Bdeb8u1"},{"url":"http://public2.vulnerablecode.io/api/packages/549637?format=json","purl":"pkg:deb/debian/ecryptfs-utils@111-4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@111-4"}],"aliases":["CVE-2016-1572"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4av8-4nw7-dke1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66421?format=json","vulnerability_id":"VCID-6u4s-aftt-vfha","summary":"utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to remove directories via a umount system call.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1832.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1832.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1832","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13171","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13248","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13251","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13212","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13136","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13168","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1832"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1832","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465","reference_id":"729465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1241","reference_id":"RHSA-2011:1241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1241"},{"reference_url":"https://usn.ubuntu.com/1188-1/","reference_id":"USN-1188-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1188-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2011-1832"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6u4s-aftt-vfha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66420?format=json","vulnerability_id":"VCID-8cys-asr8-uyht","summary":"utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly check mountpoint permissions, which allows local users to effectively replace any directory with a new filesystem, and consequently gain privileges, via a mount system call.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1831.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1831.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1831","reference_id":"","reference_type":"","scores":[{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13311","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13387","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13392","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13352","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13271","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00043","scoring_system":"epss","scoring_elements":"0.13302","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1831"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1831","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1831"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465","reference_id":"729465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1241","reference_id":"RHSA-2011:1241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1241"},{"reference_url":"https://usn.ubuntu.com/1188-1/","reference_id":"USN-1188-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1188-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2011-1831"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8cys-asr8-uyht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66425?format=json","vulnerability_id":"VCID-kpqj-kaes-x3bx","summary":"utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1836.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1836","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14761","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14846","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14842","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14801","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14717","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14738","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1836"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=730964","reference_id":"730964","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=730964"},{"reference_url":"https://usn.ubuntu.com/1188-1/","reference_id":"USN-1188-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1188-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2011-1836"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kpqj-kaes-x3bx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66428?format=json","vulnerability_id":"VCID-nt44-d8rx-bud6","summary":"ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3409.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3409.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3409","reference_id":"","reference_type":"","scores":[{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22654","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22738","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22723","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22677","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22627","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00075","scoring_system":"epss","scoring_elements":"0.22629","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3409"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=682220","reference_id":"682220","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=682220"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=841940","reference_id":"841940","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=841940"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2012-3409"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nt44-d8rx-bud6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66427?format=json","vulnerability_id":"VCID-p8ez-urty-fba7","summary":"When mount.ecrpytfs_private before version 87-0ubuntu1.2 calls setreuid() it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3145.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3145.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3145","reference_id":"","reference_type":"","scores":[{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46403","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.4647","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46472","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46451","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46425","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46435","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3145"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3145","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3145"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=732607","reference_id":"732607","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=732607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1241","reference_id":"RHSA-2011:1241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1241"},{"reference_url":"https://usn.ubuntu.com/1196-1/","reference_id":"USN-1196-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1196-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2011-3145"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p8ez-urty-fba7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66426?format=json","vulnerability_id":"VCID-pazj-dk1k-dqfe","summary":"The lock-counter implementation in utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 allows local users to overwrite arbitrary files via unspecified vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1837.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1837","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17215","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17293","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1729","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17255","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17175","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17194","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1837"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465","reference_id":"729465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1241","reference_id":"RHSA-2011:1241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1241"},{"reference_url":"https://usn.ubuntu.com/1188-1/","reference_id":"USN-1188-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1188-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2011-1837"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pazj-dk1k-dqfe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66423?format=json","vulnerability_id":"VCID-scf9-jjgw-t3d3","summary":"utils/mount.ecryptfs_private.c in ecryptfs-utils before 90 does not properly maintain the mtab file during error conditions, which allows local users to cause a denial of service (table corruption) or bypass intended unmounting restrictions via a umount system call.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1834.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1834.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1834","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17691","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.1777","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17764","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17731","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17656","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17674","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1834"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1834","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1834"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465","reference_id":"729465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1241","reference_id":"RHSA-2011:1241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1241"},{"reference_url":"https://usn.ubuntu.com/1188-1/","reference_id":"USN-1188-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1188-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2011-1834"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-scf9-jjgw-t3d3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66424?format=json","vulnerability_id":"VCID-w3mx-xyc6-6yh8","summary":"The encrypted private-directory setup process in utils/ecryptfs-setup-private in ecryptfs-utils before 90 does not properly ensure that the passphrase file is created, which might allow local users to bypass intended access restrictions at a certain time in the new-user creation steps.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1835.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1835.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1835","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18574","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18652","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18655","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18616","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18535","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18552","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1835"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1835","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1835"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465","reference_id":"729465","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=729465"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1241","reference_id":"RHSA-2011:1241","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1241"},{"reference_url":"https://usn.ubuntu.com/1188-1/","reference_id":"USN-1188-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1188-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2011-1835"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w3mx-xyc6-6yh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66422?format=json","vulnerability_id":"VCID-w51a-3vmc-bbfu","summary":"Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1833.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1833.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1833","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02275","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0229","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02296","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02263","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02247","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02222","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-1833"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1833","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1833"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=731172","reference_id":"731172","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=731172"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1350","reference_id":"RHSA-2011:1350","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1386","reference_id":"RHSA-2011:1386","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1386"},{"reference_url":"https://usn.ubuntu.com/1188-1/","reference_id":"USN-1188-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1188-1/"},{"reference_url":"https://usn.ubuntu.com/1202-1/","reference_id":"USN-1202-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1202-1/"},{"reference_url":"https://usn.ubuntu.com/1204-1/","reference_id":"USN-1204-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1204-1/"},{"reference_url":"https://usn.ubuntu.com/1211-1/","reference_id":"USN-1211-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1211-1/"},{"reference_url":"https://usn.ubuntu.com/1212-1/","reference_id":"USN-1212-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1212-1/"},{"reference_url":"https://usn.ubuntu.com/1219-1/","reference_id":"USN-1219-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1219-1/"},{"reference_url":"https://usn.ubuntu.com/1227-1/","reference_id":"USN-1227-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1227-1/"},{"reference_url":"https://usn.ubuntu.com/1239-1/","reference_id":"USN-1239-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1239-1/"},{"reference_url":"https://usn.ubuntu.com/1240-1/","reference_id":"USN-1240-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1240-1/"},{"reference_url":"https://usn.ubuntu.com/1245-1/","reference_id":"USN-1245-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1245-1/"},{"reference_url":"https://usn.ubuntu.com/1253-1/","reference_id":"USN-1253-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1253-1/"},{"reference_url":"https://usn.ubuntu.com/1256-1/","reference_id":"USN-1256-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1256-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/213820?format=json","purl":"pkg:deb/debian/ecryptfs-utils@99-1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2tzn-dyv5-aqc9"},{"vulnerability":"VCID-4av8-4nw7-dke1"},{"vulnerability":"VCID-m6ax-5u2y-9ucs"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}],"aliases":["CVE-2011-1833"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w51a-3vmc-bbfu"}],"risk_score":"2.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/ecryptfs-utils@99-1%252Bdeb7u1"}