{"url":"http://public2.vulnerablecode.io/api/packages/26047?format=json","purl":"pkg:deb/debian/blender@2.40-1?distro=trixie","type":"deb","namespace":"debian","name":"blender","version":"2.40-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.42a-6","latest_non_vulnerable_version":"4.3.2+dfsg-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180915?format=json","vulnerability_id":"VCID-7a9m-mrwg-5yhs","summary":"Multiple vulnerabilities have been found in Blender, the worst of\n    which could allow attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1103.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1103.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1103","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24847","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.25046","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1103"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1103","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1103"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=444535","reference_id":"444535","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=444535"},{"reference_url":"https://security.gentoo.org/glsa/200805-12","reference_id":"GLSA-200805-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200805-12"},{"reference_url":"https://security.gentoo.org/glsa/201311-07","reference_id":"GLSA-201311-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201311-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26047?format=json","purl":"pkg:deb/debian/blender@2.40-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@2.40-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26045?format=json","purl":"pkg:deb/debian/blender@2.83.5%2Bdfsg-5%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mvw8-r9yc-nqg1"},{"vulnerability":"VCID-sc21-1ke5-3qgj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@2.83.5%252Bdfsg-5%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26041?format=json","purl":"pkg:deb/debian/blender@3.4.1%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@3.4.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26046?format=json","purl":"pkg:deb/debian/blender@4.3.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@4.3.2%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2008-1103"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7a9m-mrwg-5yhs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184664?format=json","vulnerability_id":"VCID-ury1-ymwb-13am","summary":"Blender is vulnerable to a buffer overflow that may be exploited by\n    attackers to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4470","reference_id":"","reference_type":"","scores":[{"value":"0.05971","scoring_system":"epss","scoring_elements":"0.90867","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05971","scoring_system":"epss","scoring_elements":"0.90896","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4470"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4470","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4470"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344398","reference_id":"344398","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=344398"},{"reference_url":"https://security.gentoo.org/glsa/200601-08","reference_id":"GLSA-200601-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200601-08"},{"reference_url":"https://usn.ubuntu.com/238-2/","reference_id":"USN-238-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/238-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26047?format=json","purl":"pkg:deb/debian/blender@2.40-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@2.40-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26045?format=json","purl":"pkg:deb/debian/blender@2.83.5%2Bdfsg-5%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mvw8-r9yc-nqg1"},{"vulnerability":"VCID-sc21-1ke5-3qgj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@2.83.5%252Bdfsg-5%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26041?format=json","purl":"pkg:deb/debian/blender@3.4.1%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@3.4.1%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26046?format=json","purl":"pkg:deb/debian/blender@4.3.2%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@4.3.2%252Bdfsg-2%3Fdistro=trixie"}],"aliases":["CVE-2005-4470"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ury1-ymwb-13am"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/blender@2.40-1%3Fdistro=trixie"}