{"url":"http://public2.vulnerablecode.io/api/packages/371051?format=json","purl":"pkg:rpm/redhat/zlib@1.2.1.2-1?arch=1","type":"rpm","namespace":"redhat","name":"zlib","version":"1.2.1.2-1","qualifiers":{"arch":"1"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200124?format=json","vulnerability_id":"VCID-1ntc-urq5-gqfw","summary":"zlib 1.2 and later versions allows remote attackers to cause a denial of service (crash) via a crafted compressed stream with an incomplete code description of a length greater than 1, which leads to a buffer overflow, as demonstrated using a crafted PNG file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2096.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2096","reference_id":"","reference_type":"","scores":[{"value":"0.43032","scoring_system":"epss","scoring_elements":"0.97577","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2096"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133","reference_id":"317133","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317133"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523","reference_id":"317523","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317523"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966","reference_id":"317966","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317966"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967","reference_id":"317967","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317967"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968","reference_id":"317968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=317968"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014","reference_id":"318014","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318014"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091","reference_id":"318091","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318091"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099","reference_id":"318099","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318099"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100","reference_id":"318100","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318100"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246","reference_id":"318246","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=318246"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236","reference_id":"332236","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=332236"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=430650","reference_id":"430650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=430650"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:569","reference_id":"RHSA-2005:569","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0264","reference_id":"RHSA-2008:0264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0264"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0525","reference_id":"RHSA-2008:0525","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0525"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0629","reference_id":"RHSA-2008:0629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0629"},{"reference_url":"https://usn.ubuntu.com/148-1/","reference_id":"USN-148-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/148-1/"},{"reference_url":"https://usn.ubuntu.com/151-2/","reference_id":"USN-151-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-2/"},{"reference_url":"https://usn.ubuntu.com/151-3/","reference_id":"USN-151-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-3/"},{"reference_url":"https://usn.ubuntu.com/151-4/","reference_id":"USN-151-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/151-4/"}],"fixed_packages":[],"aliases":["CVE-2005-2096"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ntc-urq5-gqfw"}],"fixing_vulnerabilities":[],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/zlib@1.2.1.2-1%3Farch=1"}