{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","type":"deb","namespace":"debian","name":"cvs","version":"2:1.12.13+real-28","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2:1.12.13+real-28+deb12u1","latest_non_vulnerable_version":"2:1.12.13+real-31","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179692?format=json","vulnerability_id":"VCID-4hak-5z95-juhf","summary":"There are two vulnerabilities in CVS; one in the server and one in the\n    client. These vulnerabilities allow the reading and writing of arbitrary\n    files on both client and server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0405.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0405.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0405","reference_id":"","reference_type":"","scores":[{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80893","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80952","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80962","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80954","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617194","reference_id":"1617194","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617194"},{"reference_url":"https://security.gentoo.org/glsa/200404-13","reference_id":"GLSA-200404-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200404-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:153","reference_id":"RHSA-2004:153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:154","reference_id":"RHSA-2004:154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36568?format=json","purl":"pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0405"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4hak-5z95-juhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199847?format=json","vulnerability_id":"VCID-76pq-jctn-abc2","summary":"CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1343","reference_id":"","reference_type":"","scores":[{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71465","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71551","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71564","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71562","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1343"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36581?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-1343"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76pq-jctn-abc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199691?format=json","vulnerability_id":"VCID-782a-mdwz-9yat","summary":"CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0414.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0414.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0414","reference_id":"","reference_type":"","scores":[{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90197","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90228","published_at":"2026-06-12T12:55:00Z"},{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90236","published_at":"2026-06-13T12:55:00Z"},{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90234","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0414"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617197","reference_id":"1617197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36575?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0414"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-782a-mdwz-9yat"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199684?format=json","vulnerability_id":"VCID-7zw8-dpbr-jffc","summary":"Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0396.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0396","reference_id":"","reference_type":"","scores":[{"value":"0.86593","scoring_system":"epss","scoring_elements":"0.99439","published_at":"2026-06-11T12:55:00Z"},{"value":"0.86593","scoring_system":"epss","scoring_elements":"0.9944","published_at":"2026-06-12T12:55:00Z"},{"value":"0.86593","scoring_system":"epss","scoring_elements":"0.99441","published_at":"2026-06-13T12:55:00Z"},{"value":"0.86593","scoring_system":"epss","scoring_elements":"0.99442","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617191","reference_id":"1617191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617191"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/300.c","reference_id":"OSVDB-6305;CVE-2004-0396","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/300.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/301.c","reference_id":"OSVDB-6305;CVE-2004-0396","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/301.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:190","reference_id":"RHSA-2004:190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:190"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36571?format=json","purl":"pkg:deb/debian/cvs@1:1.12.5-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0396"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7zw8-dpbr-jffc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199478?format=json","vulnerability_id":"VCID-977s-a2ue-w7eu","summary":"Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0015","reference_id":"","reference_type":"","scores":[{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.9726","published_at":"2026-06-11T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.97268","published_at":"2026-06-12T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.97269","published_at":"2026-06-13T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.9727","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616934","reference_id":"1616934","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616934"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt","reference_id":"CVE-2003-0015;OSVDB-3227","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt"},{"reference_url":"https://www.securityfocus.com/bid/6650/info","reference_id":"CVE-2003-0015;OSVDB-3227","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/6650/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:012","reference_id":"RHSA-2003:012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:013","reference_id":"RHSA-2003:013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:013"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36563?format=json","purl":"pkg:deb/debian/cvs@1.11.2-5.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1.11.2-5.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2003-0015"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-977s-a2ue-w7eu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199853?format=json","vulnerability_id":"VCID-ajrj-x152-pfd4","summary":"Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1471","reference_id":"","reference_type":"","scores":[{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.90851","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.90881","published_at":"2026-06-12T12:55:00Z"},{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.90889","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1471"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24182.c","reference_id":"CVE-2004-1471;OSVDB-15727","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24182.c"},{"reference_url":"https://www.securityfocus.com/bid/10499/info","reference_id":"CVE-2004-1471;OSVDB-15727","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/10499/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36580?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-1471"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ajrj-x152-pfd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200178?format=json","vulnerability_id":"VCID-bjjf-mz6r-qqg4","summary":"cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2693.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2693","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22527","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22722","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22735","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22716","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617740","reference_id":"1617740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617740"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325106","reference_id":"325106","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:756","reference_id":"RHSA-2005:756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:756"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36587?format=json","purl":"pkg:deb/debian/cvs@1:1.11.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2005-2693"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bjjf-mz6r-qqg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199727?format=json","vulnerability_id":"VCID-dgrx-z1xw-jyf6","summary":"CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0778.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0778","reference_id":"","reference_type":"","scores":[{"value":"0.04063","scoring_system":"epss","scoring_elements":"0.88791","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04063","scoring_system":"epss","scoring_elements":"0.8883","published_at":"2026-06-12T12:55:00Z"},{"value":"0.04063","scoring_system":"epss","scoring_elements":"0.88836","published_at":"2026-06-13T12:55:00Z"},{"value":"0.04063","scoring_system":"epss","scoring_elements":"0.88835","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0778"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617282","reference_id":"1617282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36580?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0778"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dgrx-z1xw-jyf6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199381?format=json","vulnerability_id":"VCID-exgk-1th6-53bu","summary":"Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0844.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0844","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21496","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21682","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21694","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21668","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0844"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616825","reference_id":"1616825","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:004","reference_id":"RHSA-2004:004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:004"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36557?format=json","purl":"pkg:deb/debian/cvs@1:1.11.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2002-0844"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-exgk-1th6-53bu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200027?format=json","vulnerability_id":"VCID-ge2e-bdx5-k3fg","summary":"Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0753.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0753","reference_id":"","reference_type":"","scores":[{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90287","published_at":"2026-06-11T12:55:00Z"},{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90317","published_at":"2026-06-12T12:55:00Z"},{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90325","published_at":"2026-06-13T12:55:00Z"},{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90323","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617569","reference_id":"1617569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:387","reference_id":"RHSA-2005:387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:387"},{"reference_url":"https://usn.ubuntu.com/117-1/","reference_id":"USN-117-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/117-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36584?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2005-0753"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ge2e-bdx5-k3fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199695?format=json","vulnerability_id":"VCID-k37k-771k-6uby","summary":"serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0418.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0418.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0418","reference_id":"","reference_type":"","scores":[{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94557","published_at":"2026-06-11T12:55:00Z"},{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94575","published_at":"2026-06-12T12:55:00Z"},{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94581","published_at":"2026-06-13T12:55:00Z"},{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94582","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0418"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617202","reference_id":"1617202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36575?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0418"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k37k-771k-6uby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177617?format=json","vulnerability_id":"VCID-md15-esne-abbk","summary":"A heap-based buffer overflow in CVS might allow remote attackers to\n    execute\n    arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0804.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0804","reference_id":"","reference_type":"","scores":[{"value":"0.02507","scoring_system":"epss","scoring_elements":"0.85675","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02507","scoring_system":"epss","scoring_elements":"0.85726","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02507","scoring_system":"epss","scoring_elements":"0.85736","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02507","scoring_system":"epss","scoring_elements":"0.85729","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=784141","reference_id":"784141","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=784141"},{"reference_url":"https://security.gentoo.org/glsa/201701-44","reference_id":"GLSA-201701-44","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0321","reference_id":"RHSA-2012:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0321"},{"reference_url":"https://usn.ubuntu.com/1371-1/","reference_id":"USN-1371-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1371-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36593?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2012-0804"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-md15-esne-abbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/2662?format=json","vulnerability_id":"VCID-ncr9-d9xr-m3dx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12836.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12836","reference_id":"","reference_type":"","scores":[{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85672","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85723","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85733","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85725","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480800","reference_id":"1480800","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480800"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810","reference_id":"871810","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810"},{"reference_url":"https://security.gentoo.org/glsa/201709-17","reference_id":"GLSA-201709-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-17"},{"reference_url":"https://usn.ubuntu.com/3399-1/","reference_id":"USN-3399-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3399-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36595?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-24?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-24%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2017-12836"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ncr9-d9xr-m3dx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199694?format=json","vulnerability_id":"VCID-nqw3-r34n-zbe6","summary":"Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0417.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0417.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0417","reference_id":"","reference_type":"","scores":[{"value":"0.04491","scoring_system":"epss","scoring_elements":"0.89364","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04491","scoring_system":"epss","scoring_elements":"0.89401","published_at":"2026-06-12T12:55:00Z"},{"value":"0.04491","scoring_system":"epss","scoring_elements":"0.89409","published_at":"2026-06-13T12:55:00Z"},{"value":"0.04491","scoring_system":"epss","scoring_elements":"0.89407","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0417"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617201","reference_id":"1617201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36575?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0417"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nqw3-r34n-zbe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/179691?format=json","vulnerability_id":"VCID-pd12-r3uh-huf4","summary":"There are two vulnerabilities in CVS; one in the server and one in the\n    client. These vulnerabilities allow the reading and writing of arbitrary\n    files on both client and server.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0180.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0180","reference_id":"","reference_type":"","scores":[{"value":"0.04165","scoring_system":"epss","scoring_elements":"0.88935","published_at":"2026-06-11T12:55:00Z"},{"value":"0.04165","scoring_system":"epss","scoring_elements":"0.88972","published_at":"2026-06-12T12:55:00Z"},{"value":"0.04165","scoring_system":"epss","scoring_elements":"0.88979","published_at":"2026-06-13T12:55:00Z"},{"value":"0.04165","scoring_system":"epss","scoring_elements":"0.88978","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617171","reference_id":"1617171","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617171"},{"reference_url":"https://security.gentoo.org/glsa/200404-13","reference_id":"GLSA-200404-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200404-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:153","reference_id":"RHSA-2004:153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:154","reference_id":"RHSA-2004:154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36568?format=json","purl":"pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0180"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pd12-r3uh-huf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199846?format=json","vulnerability_id":"VCID-pe4t-1ga5-nkhk","summary":"CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1342","reference_id":"","reference_type":"","scores":[{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56748","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56868","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56883","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56873","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36581?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-1342"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pe4t-1ga5-nkhk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212468?format=json","vulnerability_id":"VCID-v6xx-r6zg-2qgu","summary":"Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3846.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3846.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3846","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31857","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32043","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32059","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.32038","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3846"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=642146","reference_id":"642146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=642146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0918","reference_id":"RHSA-2010:0918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0918"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36590?format=json","purl":"pkg:deb/debian/cvs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2010-3846"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v6xx-r6zg-2qgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199693?format=json","vulnerability_id":"VCID-y4uw-uc9k-jfdu","summary":"Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0416.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0416.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0416","reference_id":"","reference_type":"","scores":[{"value":"0.40607","scoring_system":"epss","scoring_elements":"0.97455","published_at":"2026-06-11T12:55:00Z"},{"value":"0.40607","scoring_system":"epss","scoring_elements":"0.97463","published_at":"2026-06-12T12:55:00Z"},{"value":"0.40607","scoring_system":"epss","scoring_elements":"0.97465","published_at":"2026-06-13T12:55:00Z"},{"value":"0.40607","scoring_system":"epss","scoring_elements":"0.97464","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0416"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617200","reference_id":"1617200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617200"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/392.c","reference_id":"OSVDB-6831;CVE-2004-0416","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/392.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36575?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0416"],"risk_score":0.8,"exploitability":"2.0","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y4uw-uc9k-jfdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199634?format=json","vulnerability_id":"VCID-yyyb-3sfs-13af","summary":"CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0977.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0977","reference_id":"","reference_type":"","scores":[{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.8364","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83699","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83709","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83705","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0977"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617113","reference_id":"1617113","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:003","reference_id":"RHSA-2004:003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:004","reference_id":"RHSA-2004:004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:004"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36566?format=json","purl":"pkg:deb/debian/cvs@1:1.11.10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2003-0977"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yyyb-3sfs-13af"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"}