Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/35709?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "type": "deb", "namespace": "debian", "name": "cron", "version": "3.0pl1-162", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.0pl1-197", "latest_non_vulnerable_version": "3.0pl1-209", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212407?format=api", "vulnerability_id": "VCID-2k63-r7dx-fqb3", "summary": "crontab.c in crontab in FreeBSD allows local users to determine the existence of arbitrary directories via a command-line argument composed of a directory name concatenated with a directory traversal sequence that leads to the /etc/crontab pathname.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1074", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.01005", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1074" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35715?format=api", "purl": "pkg:deb/debian/cron@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1074" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2k63-r7dx-fqb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/180493?format=api", "vulnerability_id": "VCID-4f8g-e96k-5fed", "summary": "Vixie Cron allows local users to execute programs as root.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2607.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2607.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1401", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2607" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=193146", "reference_id": "193146", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=193146" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=85609", "reference_id": "85609", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=85609" }, { "reference_url": "https://security.gentoo.org/glsa/200606-07", "reference_id": "GLSA-200606-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200606-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0539", "reference_id": "RHSA-2006:0539", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0539" }, { "reference_url": "https://usn.ubuntu.com/778-1/", "reference_id": "USN-778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/778-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35710?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-64?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-64%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2006-2607" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4f8g-e96k-5fed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7382?format=api", "vulnerability_id": "VCID-7eb6-yuy1-b3ey", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9706.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9706.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9706", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16557", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9706" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9706" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687706", "reference_id": "1687706", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687706" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809167", "reference_id": "809167", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809167" }, { "reference_url": "https://usn.ubuntu.com/5259-1/", "reference_id": "USN-5259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-1/" }, { "reference_url": "https://usn.ubuntu.com/5259-2/", "reference_id": "USN-5259-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35729?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-133?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-133%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9706" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7eb6-yuy1-b3ey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/205546?format=api", "vulnerability_id": "VCID-a5yt-p4kb-gkcp", "summary": "In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9525", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19739", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9525" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9525", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9525" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864466", "reference_id": "864466", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864466" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993731", "reference_id": "993731", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993731" }, { "reference_url": "https://usn.ubuntu.com/5259-1/", "reference_id": "USN-5259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-1/" }, { "reference_url": "https://usn.ubuntu.com/5259-2/", "reference_id": "USN-5259-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-2/" }, { "reference_url": "https://usn.ubuntu.com/5259-3/", "reference_id": "USN-5259-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35727?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-129?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-129%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2017-9525" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a5yt-p4kb-gkcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31510?format=api", "vulnerability_id": "VCID-hbbk-5xrv-mbck", "summary": "cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43688", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20374", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-43688" }, { "reference_url": "https://github.com/vixie/cron/commit/9cc8ab1087bb9ab861dd5595c41200683c9f6712", "reference_id": "9cc8ab1087bb9ab861dd5595c41200683c9f6712", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T13:17:12Z/" } ], "url": "https://github.com/vixie/cron/commit/9cc8ab1087bb9ab861dd5595c41200683c9f6712" }, { "reference_url": "https://www.supernetworks.org/advisories/CVE-2024-43688-openbsd-cron-heap-underflow.txt", "reference_id": "CVE-2024-43688-openbsd-cron-heap-underflow.txt", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T13:17:12Z/" } ], "url": "https://www.supernetworks.org/advisories/CVE-2024-43688-openbsd-cron-heap-underflow.txt" }, { "reference_url": "https://www.supernetworks.org/CVE-2024-43688/openbsd-cron-heap-underflow.txt", "reference_id": "openbsd-cron-heap-underflow.txt", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-26T13:17:12Z/" } ], "url": "https://www.supernetworks.org/CVE-2024-43688/openbsd-cron-heap-underflow.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35715?format=api", "purl": "pkg:deb/debian/cron@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-43688" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hbbk-5xrv-mbck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212406?format=api", "vulnerability_id": "VCID-k9fy-j3a1-k3e7", "summary": "crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users to (1) determine the existence of arbitrary files via a symlink attack on a /tmp/crontab.XXXXXXXXXX temporary file and (2) perform MD5 checksum comparisons on arbitrary pairs of files via two symlink attacks on /tmp/crontab.XXXXXXXXXX temporary files.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0743", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1073" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35715?format=api", "purl": "pkg:deb/debian/cron@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1073" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k9fy-j3a1-k3e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/212408?format=api", "vulnerability_id": "VCID-n44h-8w27-vfgp", "summary": "FreeBSD's crontab calculates the MD5 sum of the previous and new cronjob to determine if any changes have been made before copying the new version in. In particular, it uses the MD5File() function, which takes a pathname as an argument, and is called with euid 0. A race condition in this process may lead to an arbitrary MD5 comparison regardless of the read permissions.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1075", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41673", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-1075" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35715?format=api", "purl": "pkg:deb/debian/cron@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-1075" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n44h-8w27-vfgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/180354?format=api", "vulnerability_id": "VCID-n9ry-1ems-8fdf", "summary": "A vulnerability has been found in Vixie cron, allowing local\n attackers to conduct symlink attacks.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0424.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0424.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0424", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27262", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0424" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=565809", "reference_id": "565809", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=565809" }, { "reference_url": "https://security.gentoo.org/glsa/201311-04", "reference_id": "GLSA-201311-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0304", "reference_id": "RHSA-2012:0304", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0304" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35715?format=api", "purl": "pkg:deb/debian/cron@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-0424" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n9ry-1ems-8fdf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/176118?format=api", "vulnerability_id": "VCID-tca8-gxdc-h7a5", "summary": "The Gentoo implementation of Vixie Cron is vulnerable to a local Denial of\n Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1856.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1856.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1856", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2285", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-1856" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=235882", "reference_id": "235882", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=235882" }, { "reference_url": "https://security.gentoo.org/glsa/200704-11", "reference_id": "GLSA-200704-11", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200704-11" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0345", "reference_id": "RHSA-2007:0345", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0345" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35715?format=api", "purl": "pkg:deb/debian/cron@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2007-1856" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tca8-gxdc-h7a5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7380?format=api", "vulnerability_id": "VCID-vyzp-ezhd-33dy", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9704.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36037", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9704" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687688", "reference_id": "1687688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687688" }, { "reference_url": "https://usn.ubuntu.com/5259-1/", "reference_id": "USN-5259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-1/" }, { "reference_url": "https://usn.ubuntu.com/5259-2/", "reference_id": "USN-5259-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35729?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-133?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-133%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9704" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vyzp-ezhd-33dy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7381?format=api", "vulnerability_id": "VCID-we32-zams-aqad", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9705.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9705.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9705", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36037", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9705" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9705", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9705" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687694", "reference_id": "1687694", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687694" }, { "reference_url": "https://usn.ubuntu.com/5259-1/", "reference_id": "USN-5259-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-1/" }, { "reference_url": "https://usn.ubuntu.com/5259-2/", "reference_id": "USN-5259-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5259-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/35729?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-133?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-133%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35711?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-137?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-137%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35709?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-162?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35714?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-197?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-197%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/35712?format=api", "purl": "pkg:deb/debian/cron@3.0pl1-209?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-209%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-9705" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-we32-zams-aqad" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/cron@3.0pl1-162%3Fdistro=trixie" }