{"url":"http://public2.vulnerablecode.io/api/packages/36563?format=json","purl":"pkg:deb/debian/cvs@1.11.2-5.1?distro=trixie","type":"deb","namespace":"debian","name":"cvs","version":"1.11.2-5.1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:1.11.2","latest_non_vulnerable_version":"2:1.12.13+real-31","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199478?format=json","vulnerability_id":"VCID-977s-a2ue-w7eu","summary":"Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0015","reference_id":"","reference_type":"","scores":[{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.9726","published_at":"2026-06-11T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.97268","published_at":"2026-06-12T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.97269","published_at":"2026-06-13T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.9727","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616934","reference_id":"1616934","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616934"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt","reference_id":"CVE-2003-0015;OSVDB-3227","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt"},{"reference_url":"https://www.securityfocus.com/bid/6650/info","reference_id":"CVE-2003-0015;OSVDB-3227","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/6650/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:012","reference_id":"RHSA-2003:012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:013","reference_id":"RHSA-2003:013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:013"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/36563?format=json","purl":"pkg:deb/debian/cvs@1.11.2-5.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1.11.2-5.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36558?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36556?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36561?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/36560?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2003-0015"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-977s-a2ue-w7eu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1.11.2-5.1%3Fdistro=trixie"}