Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
Typedeb
Namespacedebian
Namecvs
Version2:1.12.13+real-28
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2:1.12.13+real-28+deb12u1
Latest_non_vulnerable_version2:1.12.13+real-31
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-4hak-5z95-juhf
vulnerability_id VCID-4hak-5z95-juhf
summary 
There are two vulnerabilities in CVS; one in the server and one in the
    client. These vulnerabilities allow the reading and writing of arbitrary
    files on both client and server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0405.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0405.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0405
reference_id
reference_type
scores
0
value 0.01406
scoring_system epss
scoring_elements 0.80893
published_at 2026-06-11T12:55:00Z
1
value 0.01406
scoring_system epss
scoring_elements 0.80952
published_at 2026-06-12T12:55:00Z
2
value 0.01406
scoring_system epss
scoring_elements 0.80962
published_at 2026-06-13T12:55:00Z
3
value 0.01406
scoring_system epss
scoring_elements 0.80954
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0405
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617194
reference_id 1617194
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617194
4
reference_url https://security.gentoo.org/glsa/200404-13
reference_id GLSA-200404-13
reference_type
scores
url https://security.gentoo.org/glsa/200404-13
5
reference_url https://access.redhat.com/errata/RHSA-2004:153
reference_id RHSA-2004:153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:153
6
reference_url https://access.redhat.com/errata/RHSA-2004:154
reference_id RHSA-2004:154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:154
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-4%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-0405
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hak-5z95-juhf
1
url VCID-76pq-jctn-abc2
vulnerability_id VCID-76pq-jctn-abc2
summary CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1343
reference_id
reference_type
scores
0
value 0.00655
scoring_system epss
scoring_elements 0.71465
published_at 2026-06-11T12:55:00Z
1
value 0.00655
scoring_system epss
scoring_elements 0.71551
published_at 2026-06-12T12:55:00Z
2
value 0.00655
scoring_system epss
scoring_elements 0.71564
published_at 2026-06-13T12:55:00Z
3
value 0.00655
scoring_system epss
scoring_elements 0.71562
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1343
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1343
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1343
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-12%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-1343
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-76pq-jctn-abc2
2
url VCID-782a-mdwz-9yat
vulnerability_id VCID-782a-mdwz-9yat
summary CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0414.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0414.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0414
reference_id
reference_type
scores
0
value 0.05252
scoring_system epss
scoring_elements 0.90197
published_at 2026-06-11T12:55:00Z
1
value 0.05252
scoring_system epss
scoring_elements 0.90228
published_at 2026-06-12T12:55:00Z
2
value 0.05252
scoring_system epss
scoring_elements 0.90236
published_at 2026-06-13T12:55:00Z
3
value 0.05252
scoring_system epss
scoring_elements 0.90234
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0414
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617197
reference_id 1617197
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617197
4
reference_url https://access.redhat.com/errata/RHSA-2004:233
reference_id RHSA-2004:233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:233
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-0414
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-782a-mdwz-9yat
3
url VCID-7zw8-dpbr-jffc
vulnerability_id VCID-7zw8-dpbr-jffc
summary Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0396.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0396.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0396
reference_id
reference_type
scores
0
value 0.86593
scoring_system epss
scoring_elements 0.99439
published_at 2026-06-11T12:55:00Z
1
value 0.86593
scoring_system epss
scoring_elements 0.9944
published_at 2026-06-12T12:55:00Z
2
value 0.86593
scoring_system epss
scoring_elements 0.99441
published_at 2026-06-13T12:55:00Z
3
value 0.86593
scoring_system epss
scoring_elements 0.99442
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0396
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617191
reference_id 1617191
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617191
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/300.c
reference_id OSVDB-6305;CVE-2004-0396
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/300.c
5
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/301.c
reference_id OSVDB-6305;CVE-2004-0396
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/301.c
6
reference_url https://access.redhat.com/errata/RHSA-2004:190
reference_id RHSA-2004:190
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:190
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.5-6?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.5-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-6%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-0396
risk_score 1.6
exploitability 2.0
weighted_severity 0.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7zw8-dpbr-jffc
4
url VCID-977s-a2ue-w7eu
vulnerability_id VCID-977s-a2ue-w7eu
summary Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0015
reference_id
reference_type
scores
0
value 0.37007
scoring_system epss
scoring_elements 0.9726
published_at 2026-06-11T12:55:00Z
1
value 0.37007
scoring_system epss
scoring_elements 0.97268
published_at 2026-06-12T12:55:00Z
2
value 0.37007
scoring_system epss
scoring_elements 0.97269
published_at 2026-06-13T12:55:00Z
3
value 0.37007
scoring_system epss
scoring_elements 0.9727
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0015
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616934
reference_id 1616934
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616934
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt
reference_id CVE-2003-0015;OSVDB-3227
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt
5
reference_url https://www.securityfocus.com/bid/6650/info
reference_id CVE-2003-0015;OSVDB-3227
reference_type exploit
scores
url https://www.securityfocus.com/bid/6650/info
6
reference_url https://access.redhat.com/errata/RHSA-2003:012
reference_id RHSA-2003:012
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:012
7
reference_url https://access.redhat.com/errata/RHSA-2003:013
reference_id RHSA-2003:013
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:013
fixed_packages
0
url pkg:deb/debian/cvs@1.11.2-5.1?distro=trixie
purl pkg:deb/debian/cvs@1.11.2-5.1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1.11.2-5.1%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2003-0015
risk_score 0.6
exploitability 2.0
weighted_severity 0.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-977s-a2ue-w7eu
5
url VCID-ajrj-x152-pfd4
vulnerability_id VCID-ajrj-x152-pfd4
summary Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1471
reference_id
reference_type
scores
0
value 0.05947
scoring_system epss
scoring_elements 0.90851
published_at 2026-06-11T12:55:00Z
1
value 0.05947
scoring_system epss
scoring_elements 0.90881
published_at 2026-06-12T12:55:00Z
2
value 0.05947
scoring_system epss
scoring_elements 0.90889
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1471
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1471
2
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24182.c
reference_id CVE-2004-1471;OSVDB-15727
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24182.c
3
reference_url https://www.securityfocus.com/bid/10499/info
reference_id CVE-2004-1471;OSVDB-15727
reference_type exploit
scores
url https://www.securityfocus.com/bid/10499/info
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-1471
risk_score 0.2
exploitability 2.0
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ajrj-x152-pfd4
6
url VCID-bjjf-mz6r-qqg4
vulnerability_id VCID-bjjf-mz6r-qqg4
summary cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2693.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2693.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-2693
reference_id
reference_type
scores
0
value 0.00074
scoring_system epss
scoring_elements 0.22527
published_at 2026-06-11T12:55:00Z
1
value 0.00074
scoring_system epss
scoring_elements 0.22722
published_at 2026-06-12T12:55:00Z
2
value 0.00074
scoring_system epss
scoring_elements 0.22735
published_at 2026-06-13T12:55:00Z
3
value 0.00074
scoring_system epss
scoring_elements 0.22716
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-2693
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2693
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617740
reference_id 1617740
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617740
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325106
reference_id 325106
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325106
5
reference_url https://access.redhat.com/errata/RHSA-2005:756
reference_id RHSA-2005:756
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:756
fixed_packages
0
url pkg:deb/debian/cvs@1:1.11.5-4?distro=trixie
purl pkg:deb/debian/cvs@1:1.11.5-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.5-4%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2005-2693
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bjjf-mz6r-qqg4
7
url VCID-dgrx-z1xw-jyf6
vulnerability_id VCID-dgrx-z1xw-jyf6
summary CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0778.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0778.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0778
reference_id
reference_type
scores
0
value 0.04063
scoring_system epss
scoring_elements 0.88791
published_at 2026-06-11T12:55:00Z
1
value 0.04063
scoring_system epss
scoring_elements 0.8883
published_at 2026-06-12T12:55:00Z
2
value 0.04063
scoring_system epss
scoring_elements 0.88836
published_at 2026-06-13T12:55:00Z
3
value 0.04063
scoring_system epss
scoring_elements 0.88835
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0778
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0778
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617282
reference_id 1617282
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617282
4
reference_url https://access.redhat.com/errata/RHSA-2004:233
reference_id RHSA-2004:233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:233
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-0778
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dgrx-z1xw-jyf6
8
url VCID-exgk-1th6-53bu
vulnerability_id VCID-exgk-1th6-53bu
summary Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0844.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0844.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2002-0844
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.21496
published_at 2026-06-11T12:55:00Z
1
value 0.0007
scoring_system epss
scoring_elements 0.21682
published_at 2026-06-12T12:55:00Z
2
value 0.0007
scoring_system epss
scoring_elements 0.21694
published_at 2026-06-13T12:55:00Z
3
value 0.0007
scoring_system epss
scoring_elements 0.21668
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2002-0844
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0844
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0844
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616825
reference_id 1616825
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616825
4
reference_url https://access.redhat.com/errata/RHSA-2004:004
reference_id RHSA-2004:004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:004
fixed_packages
0
url pkg:deb/debian/cvs@1:1.11.2?distro=trixie
purl pkg:deb/debian/cvs@1:1.11.2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.2%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2002-0844
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-exgk-1th6-53bu
9
url VCID-ge2e-bdx5-k3fg
vulnerability_id VCID-ge2e-bdx5-k3fg
summary Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0753.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0753.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2005-0753
reference_id
reference_type
scores
0
value 0.05354
scoring_system epss
scoring_elements 0.90287
published_at 2026-06-11T12:55:00Z
1
value 0.05354
scoring_system epss
scoring_elements 0.90317
published_at 2026-06-12T12:55:00Z
2
value 0.05354
scoring_system epss
scoring_elements 0.90325
published_at 2026-06-13T12:55:00Z
3
value 0.05354
scoring_system epss
scoring_elements 0.90323
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2005-0753
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0753
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617569
reference_id 1617569
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617569
4
reference_url https://access.redhat.com/errata/RHSA-2005:387
reference_id RHSA-2005:387
reference_type
scores
url https://access.redhat.com/errata/RHSA-2005:387
5
reference_url https://usn.ubuntu.com/117-1/
reference_id USN-117-1
reference_type
scores
url https://usn.ubuntu.com/117-1/
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9-13?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9-13?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-13%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2005-0753
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ge2e-bdx5-k3fg
10
url VCID-k37k-771k-6uby
vulnerability_id VCID-k37k-771k-6uby
summary serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0418.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0418.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0418
reference_id
reference_type
scores
0
value 0.14279
scoring_system epss
scoring_elements 0.94557
published_at 2026-06-11T12:55:00Z
1
value 0.14279
scoring_system epss
scoring_elements 0.94575
published_at 2026-06-12T12:55:00Z
2
value 0.14279
scoring_system epss
scoring_elements 0.94581
published_at 2026-06-13T12:55:00Z
3
value 0.14279
scoring_system epss
scoring_elements 0.94582
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0418
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617202
reference_id 1617202
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617202
4
reference_url https://access.redhat.com/errata/RHSA-2004:233
reference_id RHSA-2004:233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:233
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-0418
risk_score 0.1
exploitability 0.5
weighted_severity 0.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k37k-771k-6uby
11
url VCID-md15-esne-abbk
vulnerability_id VCID-md15-esne-abbk
summary 
A heap-based buffer overflow in CVS might allow remote attackers to
    execute
    arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0804.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0804.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-0804
reference_id
reference_type
scores
0
value 0.02507
scoring_system epss
scoring_elements 0.85675
published_at 2026-06-11T12:55:00Z
1
value 0.02507
scoring_system epss
scoring_elements 0.85726
published_at 2026-06-12T12:55:00Z
2
value 0.02507
scoring_system epss
scoring_elements 0.85736
published_at 2026-06-13T12:55:00Z
3
value 0.02507
scoring_system epss
scoring_elements 0.85729
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-0804
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=784141
reference_id 784141
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=784141
4
reference_url https://security.gentoo.org/glsa/201701-44
reference_id GLSA-201701-44
reference_type
scores
url https://security.gentoo.org/glsa/201701-44
5
reference_url https://access.redhat.com/errata/RHSA-2012:0321
reference_id RHSA-2012:0321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0321
6
reference_url https://usn.ubuntu.com/1371-1/
reference_id USN-1371-1
reference_type
scores
url https://usn.ubuntu.com/1371-1/
fixed_packages
0
url pkg:deb/debian/cvs@2:1.12.13%2Breal-7?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-7%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2012-0804
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-md15-esne-abbk
12
url VCID-ncr9-d9xr-m3dx
vulnerability_id VCID-ncr9-d9xr-m3dx
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12836.json
reference_id
reference_type
scores
0
value 5.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12836.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-12836
reference_id
reference_type
scores
0
value 0.02504
scoring_system epss
scoring_elements 0.85672
published_at 2026-06-11T12:55:00Z
1
value 0.02504
scoring_system epss
scoring_elements 0.85723
published_at 2026-06-12T12:55:00Z
2
value 0.02504
scoring_system epss
scoring_elements 0.85733
published_at 2026-06-13T12:55:00Z
3
value 0.02504
scoring_system epss
scoring_elements 0.85725
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-12836
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 10
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
1
value 5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1480800
reference_id 1480800
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1480800
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810
reference_id 871810
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810
6
reference_url https://security.gentoo.org/glsa/201709-17
reference_id GLSA-201709-17
reference_type
scores
url https://security.gentoo.org/glsa/201709-17
7
reference_url https://usn.ubuntu.com/3399-1/
reference_id USN-3399-1
reference_type
scores
url https://usn.ubuntu.com/3399-1/
fixed_packages
0
url pkg:deb/debian/cvs@2:1.12.13%2Breal-24?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-24?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-24%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2017-12836
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ncr9-d9xr-m3dx
13
url VCID-nqw3-r34n-zbe6
vulnerability_id VCID-nqw3-r34n-zbe6
summary Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0417.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0417.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0417
reference_id
reference_type
scores
0
value 0.04491
scoring_system epss
scoring_elements 0.89364
published_at 2026-06-11T12:55:00Z
1
value 0.04491
scoring_system epss
scoring_elements 0.89401
published_at 2026-06-12T12:55:00Z
2
value 0.04491
scoring_system epss
scoring_elements 0.89409
published_at 2026-06-13T12:55:00Z
3
value 0.04491
scoring_system epss
scoring_elements 0.89407
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0417
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617201
reference_id 1617201
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617201
4
reference_url https://access.redhat.com/errata/RHSA-2004:233
reference_id RHSA-2004:233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:233
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-0417
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqw3-r34n-zbe6
14
url VCID-pd12-r3uh-huf4
vulnerability_id VCID-pd12-r3uh-huf4
summary 
There are two vulnerabilities in CVS; one in the server and one in the
    client. These vulnerabilities allow the reading and writing of arbitrary
    files on both client and server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0180.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0180.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0180
reference_id
reference_type
scores
0
value 0.04165
scoring_system epss
scoring_elements 0.88935
published_at 2026-06-11T12:55:00Z
1
value 0.04165
scoring_system epss
scoring_elements 0.88972
published_at 2026-06-12T12:55:00Z
2
value 0.04165
scoring_system epss
scoring_elements 0.88979
published_at 2026-06-13T12:55:00Z
3
value 0.04165
scoring_system epss
scoring_elements 0.88978
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0180
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617171
reference_id 1617171
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617171
4
reference_url https://security.gentoo.org/glsa/200404-13
reference_id GLSA-200404-13
reference_type
scores
url https://security.gentoo.org/glsa/200404-13
5
reference_url https://access.redhat.com/errata/RHSA-2004:153
reference_id RHSA-2004:153
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:153
6
reference_url https://access.redhat.com/errata/RHSA-2004:154
reference_id RHSA-2004:154
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:154
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-4%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-0180
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pd12-r3uh-huf4
15
url VCID-pe4t-1ga5-nkhk
vulnerability_id VCID-pe4t-1ga5-nkhk
summary CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-1342
reference_id
reference_type
scores
0
value 0.00335
scoring_system epss
scoring_elements 0.56748
published_at 2026-06-11T12:55:00Z
1
value 0.00335
scoring_system epss
scoring_elements 0.56868
published_at 2026-06-12T12:55:00Z
2
value 0.00335
scoring_system epss
scoring_elements 0.56883
published_at 2026-06-13T12:55:00Z
3
value 0.00335
scoring_system epss
scoring_elements 0.56873
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-1342
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1342
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1342
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-12%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-1342
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pe4t-1ga5-nkhk
16
url VCID-v6xx-r6zg-2qgu
vulnerability_id VCID-v6xx-r6zg-2qgu
summary Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3846.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3846.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-3846
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.31857
published_at 2026-06-11T12:55:00Z
1
value 0.00129
scoring_system epss
scoring_elements 0.32043
published_at 2026-06-12T12:55:00Z
2
value 0.00129
scoring_system epss
scoring_elements 0.32059
published_at 2026-06-13T12:55:00Z
3
value 0.00129
scoring_system epss
scoring_elements 0.32038
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-3846
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=642146
reference_id 642146
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=642146
3
reference_url https://access.redhat.com/errata/RHSA-2010:0918
reference_id RHSA-2010:0918
reference_type
scores
url https://access.redhat.com/errata/RHSA-2010:0918
fixed_packages
0
url pkg:deb/debian/cvs@0?distro=trixie
purl pkg:deb/debian/cvs@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@0%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2010-3846
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v6xx-r6zg-2qgu
17
url VCID-y4uw-uc9k-jfdu
vulnerability_id VCID-y4uw-uc9k-jfdu
summary Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0416.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0416.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2004-0416
reference_id
reference_type
scores
0
value 0.40607
scoring_system epss
scoring_elements 0.97455
published_at 2026-06-11T12:55:00Z
1
value 0.40607
scoring_system epss
scoring_elements 0.97463
published_at 2026-06-12T12:55:00Z
2
value 0.40607
scoring_system epss
scoring_elements 0.97465
published_at 2026-06-13T12:55:00Z
3
value 0.40607
scoring_system epss
scoring_elements 0.97464
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2004-0416
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617200
reference_id 1617200
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617200
4
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/392.c
reference_id OSVDB-6831;CVE-2004-0416
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/392.c
5
reference_url https://access.redhat.com/errata/RHSA-2004:233
reference_id RHSA-2004:233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:233
fixed_packages
0
url pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie
purl pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2004-0416
risk_score 0.8
exploitability 2.0
weighted_severity 0.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y4uw-uc9k-jfdu
18
url VCID-yyyb-3sfs-13af
vulnerability_id VCID-yyyb-3sfs-13af
summary CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0977.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0977.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0977
reference_id
reference_type
scores
0
value 0.01901
scoring_system epss
scoring_elements 0.8364
published_at 2026-06-11T12:55:00Z
1
value 0.01901
scoring_system epss
scoring_elements 0.83699
published_at 2026-06-12T12:55:00Z
2
value 0.01901
scoring_system epss
scoring_elements 0.83709
published_at 2026-06-13T12:55:00Z
3
value 0.01901
scoring_system epss
scoring_elements 0.83705
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0977
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0977
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1617113
reference_id 1617113
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1617113
4
reference_url https://access.redhat.com/errata/RHSA-2004:003
reference_id RHSA-2004:003
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:003
5
reference_url https://access.redhat.com/errata/RHSA-2004:004
reference_id RHSA-2004:004
reference_type
scores
url https://access.redhat.com/errata/RHSA-2004:004
fixed_packages
0
url pkg:deb/debian/cvs@1:1.11.10?distro=trixie
purl pkg:deb/debian/cvs@1:1.11.10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.10%3Fdistro=trixie
1
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie
2
url pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie
4
url pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
purl pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie
aliases CVE-2003-0977
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yyyb-3sfs-13af
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie