{"url":"http://public2.vulnerablecode.io/api/packages/2218?format=json","purl":"pkg:ebuild/www-servers/lighttpd@1.4.35","type":"ebuild","namespace":"www-servers","name":"lighttpd","version":"1.4.35","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.4.67","latest_non_vulnerable_version":"1.4.67","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/107924?format=json","vulnerability_id":"VCID-3y3y-jjsr-7fhk","summary":"several","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4560","reference_id":"","reference_type":"","scores":[{"value":"0.05139","scoring_system":"epss","scoring_elements":"0.90082","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05139","scoring_system":"epss","scoring_elements":"0.90113","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4560"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453","reference_id":"729453","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2218?format=json","purl":"pkg:ebuild/www-servers/lighttpd@1.4.35","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.35"}],"aliases":["CVE-2013-4560"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3y3y-jjsr-7fhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111223?format=json","vulnerability_id":"VCID-7pma-g3eq-2fdx","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2323","reference_id":"","reference_type":"","scores":[{"value":"0.91037","scoring_system":"epss","scoring_elements":"0.99656","published_at":"2026-06-11T12:55:00Z"},{"value":"0.91037","scoring_system":"epss","scoring_elements":"0.99657","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2323"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2324"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493","reference_id":"741493","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=741493"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2218?format=json","purl":"pkg:ebuild/www-servers/lighttpd@1.4.35","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.35"}],"aliases":["CVE-2014-2323"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pma-g3eq-2fdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/107922?format=json","vulnerability_id":"VCID-fm97-fqfw-8ff6","summary":"several","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4508","reference_id":"","reference_type":"","scores":[{"value":"0.00834","scoring_system":"epss","scoring_elements":"0.75056","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00834","scoring_system":"epss","scoring_elements":"0.75127","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453","reference_id":"729453","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2218?format=json","purl":"pkg:ebuild/www-servers/lighttpd@1.4.35","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.35"}],"aliases":["CVE-2013-4508"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fm97-fqfw-8ff6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/107923?format=json","vulnerability_id":"VCID-gxfa-561t-sffx","summary":"several","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4559","reference_id":"","reference_type":"","scores":[{"value":"0.09523","scoring_system":"epss","scoring_elements":"0.93022","published_at":"2026-06-11T12:55:00Z"},{"value":"0.09523","scoring_system":"epss","scoring_elements":"0.93046","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4508"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4560"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453","reference_id":"729453","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729453"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2218?format=json","purl":"pkg:ebuild/www-servers/lighttpd@1.4.35","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.35"}],"aliases":["CVE-2013-4559"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxfa-561t-sffx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176887?format=json","vulnerability_id":"VCID-rnbu-169t-j7ag","summary":"Multiple vulnerabilities have been found in lighttpd, allowing\n    remote attackers cause a Denial of Service condition or execute arbitrary\n    SQL statements.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5533","reference_id":"","reference_type":"","scores":[{"value":"0.37913","scoring_system":"epss","scoring_elements":"0.9731","published_at":"2026-06-11T12:55:00Z"},{"value":"0.37913","scoring_system":"epss","scoring_elements":"0.97317","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5533"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22902.sh","reference_id":"CVE-2012-5533;OSVDB-87623","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22902.sh"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2218?format=json","purl":"pkg:ebuild/www-servers/lighttpd@1.4.35","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.35"}],"aliases":["CVE-2012-5533"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rnbu-169t-j7ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176886?format=json","vulnerability_id":"VCID-znsx-b761-fqdf","summary":"Multiple vulnerabilities have been found in lighttpd, allowing\n    remote attackers cause a Denial of Service condition or execute arbitrary\n    SQL statements.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4362","reference_id":"","reference_type":"","scores":[{"value":"0.04391","scoring_system":"epss","scoring_elements":"0.89232","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04391","scoring_system":"epss","scoring_elements":"0.8927","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4362"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652726","reference_id":"652726","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652726"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18295.txt","reference_id":"CVE-2011-4362;OSVDB-77366","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/18295.txt"},{"reference_url":"https://security.gentoo.org/glsa/201406-10","reference_id":"GLSA-201406-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201406-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/2218?format=json","purl":"pkg:ebuild/www-servers/lighttpd@1.4.35","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.35"}],"aliases":["CVE-2011-4362"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-znsx-b761-fqdf"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/www-servers/lighttpd@1.4.35"}