{"url":"http://public2.vulnerablecode.io/api/packages/26007?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.2?distro=trixie","type":"deb","namespace":"debian","name":"bip","version":"0.9.3-1.2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/186037?format=json","vulnerability_id":"VCID-2anc-8pkg-jybc","summary":"Multiple vulnerabilities in bip might allow remote unauthenticated\n    attackers to cause a Denial of Service or possibly execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3071","reference_id":"","reference_type":"","scores":[{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83558","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0188","scoring_system":"epss","scoring_elements":"0.83617","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3071"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595409","reference_id":"595409","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595409"},{"reference_url":"https://security.gentoo.org/glsa/201201-18","reference_id":"GLSA-201201-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26005?format=json","purl":"pkg:deb/debian/bip@0.8.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.8.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26006?format=json","purl":"pkg:deb/debian/bip@0.9.0~rc4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.0~rc4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26004?format=json","purl":"pkg:deb/debian/bip@0.9.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26008?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26007?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.2%3Fdistro=trixie"}],"aliases":["CVE-2010-3071"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2anc-8pkg-jybc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202972?format=json","vulnerability_id":"VCID-5exs-dx82-vkbp","summary":"Bip before 0.8.9, when running as a daemon, writes SSL handshake errors to an unexpected file descriptor that was previously associated with stderr before stderr has been closed, which allows remote attackers to write to other sockets and have an unspecified impact via a failed SSL handshake, a different vulnerability than CVE-2011-5268. NOTE: some sources originally mapped this CVE to two different types of issues; this CVE has since been SPLIT, producing CVE-2011-5268.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4550","reference_id":"","reference_type":"","scores":[{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77444","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01003","scoring_system":"epss","scoring_elements":"0.77514","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4550"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26009?format=json","purl":"pkg:deb/debian/bip@0.8.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.8.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26006?format=json","purl":"pkg:deb/debian/bip@0.9.0~rc4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.0~rc4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26004?format=json","purl":"pkg:deb/debian/bip@0.9.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26008?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26007?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.2%3Fdistro=trixie"}],"aliases":["CVE-2013-4550"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5exs-dx82-vkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/186038?format=json","vulnerability_id":"VCID-69cy-fwtj-kqf4","summary":"Multiple vulnerabilities in bip might allow remote unauthenticated\n    attackers to cause a Denial of Service or possibly execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0806","reference_id":"","reference_type":"","scores":[{"value":"0.04519","scoring_system":"epss","scoring_elements":"0.89399","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04519","scoring_system":"epss","scoring_elements":"0.89436","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0806"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657217","reference_id":"657217","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657217"},{"reference_url":"https://security.gentoo.org/glsa/201201-18","reference_id":"GLSA-201201-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-18"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26010?format=json","purl":"pkg:deb/debian/bip@0.8.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.8.8-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26006?format=json","purl":"pkg:deb/debian/bip@0.9.0~rc4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.0~rc4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26004?format=json","purl":"pkg:deb/debian/bip@0.9.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26008?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26007?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.2%3Fdistro=trixie"}],"aliases":["CVE-2012-0806"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-69cy-fwtj-kqf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202155?format=json","vulnerability_id":"VCID-khwr-7771-7ycx","summary":"connection.c in Bip before 0.8.9 does not properly close sockets, which allows remote attackers to cause a denial of service (file descriptor consumption and crash) via multiple failed SSL handshakes, a different vulnerability than CVE-2013-4550.  NOTE: this issue was SPLIT from CVE-2013-4550 because it is a different type of issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-5268","reference_id":"","reference_type":"","scores":[{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75473","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0086","scoring_system":"epss","scoring_elements":"0.75544","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-5268"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5268","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5268"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26009?format=json","purl":"pkg:deb/debian/bip@0.8.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.8.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26006?format=json","purl":"pkg:deb/debian/bip@0.9.0~rc4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.0~rc4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26004?format=json","purl":"pkg:deb/debian/bip@0.9.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26008?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26007?format=json","purl":"pkg:deb/debian/bip@0.9.3-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.2%3Fdistro=trixie"}],"aliases":["CVE-2011-5268"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khwr-7771-7ycx"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bip@0.9.3-1.2%3Fdistro=trixie"}