{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","type":"deb","namespace":"debian","name":"evolution","version":"3.38.3-1+deb11u2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.46.4-2+deb12u1","latest_non_vulnerable_version":"3.56.2-9","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200166?format=json","vulnerability_id":"VCID-1ffq-e994-bka9","summary":"Multiple format string vulnerabilities in Evolution 1.5 through 2.3.6.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) full vCard data, (2) contact data from remote LDAP servers, or (3) task list data from remote servers.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2549.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2549.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2549","reference_id":"","reference_type":"","scores":[{"value":"0.02934","scoring_system":"epss","scoring_elements":"0.86731","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2549"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2549","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2549"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617731","reference_id":"1617731","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617731"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322535","reference_id":"322535","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:267","reference_id":"RHSA-2005:267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39290?format=json","purl":"pkg:deb/debian/evolution@2.2.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.2.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2005-2549"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1ffq-e994-bka9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201439?format=json","vulnerability_id":"VCID-1kgt-ev1b-vqey","summary":"The Mailer component in Evolution 2.26.1 and earlier uses world-readable permissions for the .evolution directory, and certain directories and files under .evolution/ related to local mail, which allows local users to obtain sensitive information by reading these files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1631.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1631.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1631","reference_id":"","reference_type":"","scores":[{"value":"0.00105","scoring_system":"epss","scoring_elements":"0.28033","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1631"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1631","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1631"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=498648","reference_id":"498648","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=498648"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526409","reference_id":"526409","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=526409"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39302?format=json","purl":"pkg:deb/debian/evolution@2.29.90-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.29.90-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2009-1631"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1kgt-ev1b-vqey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199503?format=json","vulnerability_id":"VCID-1pms-gy8w-pbhu","summary":"The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0128.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0128.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0128","reference_id":"","reference_type":"","scores":[{"value":"0.34518","scoring_system":"epss","scoring_elements":"0.97108","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0128"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0128","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0128"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616971","reference_id":"1616971","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616971"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22370.txt","reference_id":"CVE-2003-0128;OSVDB-13490","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/22370.txt"},{"reference_url":"https://www.securityfocus.com/bid/7118/info","reference_id":"CVE-2003-0128;OSVDB-13490","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7118/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:108","reference_id":"RHSA-2003:108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:108"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39278?format=json","purl":"pkg:deb/debian/evolution@1.2.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@1.2.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2003-0128"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pms-gy8w-pbhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200288?format=json","vulnerability_id":"VCID-27dq-4ygw-ebhe","summary":"GNOME Evolution 2.4.2.1 and earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a text e-mail with a large number of URLs, possibly due to unknown problems in gtkhtml.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0040.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0040.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0040","reference_id":"","reference_type":"","scores":[{"value":"0.00531","scoring_system":"epss","scoring_elements":"0.67693","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0040"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0040","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0040"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=183680","reference_id":"183680","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=183680"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=398064","reference_id":"398064","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=398064"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39291?format=json","purl":"pkg:deb/debian/evolution@2.10.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.10.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2006-0040"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-27dq-4ygw-ebhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178625?format=json","vulnerability_id":"VCID-3ja7-4cwn-cbfr","summary":"A format string error has been discovered in Evolution, possibly resulting\n    in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0072.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-0072.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0072","reference_id":"","reference_type":"","scores":[{"value":"0.16096","scoring_system":"epss","scoring_elements":"0.94944","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-0072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0072"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=435759","reference_id":"435759","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=435759"},{"reference_url":"https://security.gentoo.org/glsa/200803-12","reference_id":"GLSA-200803-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200803-12"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0177","reference_id":"RHSA-2008:0177","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0178","reference_id":"RHSA-2008:0178","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0178"},{"reference_url":"https://usn.ubuntu.com/583-1/","reference_id":"USN-583-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/583-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39298?format=json","purl":"pkg:deb/debian/evolution@2.12.3-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.12.3-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2008-0072"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ja7-4cwn-cbfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199534?format=json","vulnerability_id":"VCID-5r5s-q64u-jyet","summary":"The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0296","reference_id":"","reference_type":"","scores":[{"value":"0.00954","scoring_system":"epss","scoring_elements":"0.76851","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0296"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39284?format=json","purl":"pkg:deb/debian/evolution@1.3.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@1.3.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2003-0296"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5r5s-q64u-jyet"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177466?format=json","vulnerability_id":"VCID-67d5-ftaf-8yhj","summary":"The IMAP client of Evolution contains a vulnerability potentially leading\n    to the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3257.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3257.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3257","reference_id":"","reference_type":"","scores":[{"value":"0.02775","scoring_system":"epss","scoring_elements":"0.8637","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-3257"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3257"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=244277","reference_id":"244277","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=244277"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429876","reference_id":"429876","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429876"},{"reference_url":"https://security.gentoo.org/glsa/200707-03","reference_id":"GLSA-200707-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200707-03"},{"reference_url":"https://security.gentoo.org/glsa/200711-04","reference_id":"GLSA-200711-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0509","reference_id":"RHSA-2007:0509","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0509"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0510","reference_id":"RHSA-2007:0510","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0510"},{"reference_url":"https://usn.ubuntu.com/475-1/","reference_id":"USN-475-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/475-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39297?format=json","purl":"pkg:deb/debian/evolution@2.12.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.12.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2007-3257"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67d5-ftaf-8yhj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199507?format=json","vulnerability_id":"VCID-6jbu-xyh5-cyfj","summary":"GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0133.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0133.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0133","reference_id":"","reference_type":"","scores":[{"value":"0.00763","scoring_system":"epss","scoring_elements":"0.73852","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0133"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0133","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0133"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616978","reference_id":"1616978","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616978"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:126","reference_id":"RHSA-2003:126","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:126"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39282?format=json","purl":"pkg:deb/debian/evolution@1.2.4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@1.2.4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2003-0133"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6jbu-xyh5-cyfj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7585?format=json","vulnerability_id":"VCID-7kpt-g36p-7ycv","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11879.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-11879.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11879","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.68015","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-11879"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11879","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11879"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1867605","reference_id":"1867605","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1867605"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39305?format=json","purl":"pkg:deb/debian/evolution@3.36.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.36.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2020-11879"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7kpt-g36p-7ycv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4867?format=json","vulnerability_id":"VCID-7pcu-prtr-bqhg","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15587.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-15587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15587","reference_id":"","reference_type":"","scores":[{"value":"0.00925","scoring_system":"epss","scoring_elements":"0.76475","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-15587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15587"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677650","reference_id":"1677650","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1677650"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924616","reference_id":"924616","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924616"},{"reference_url":"https://security.archlinux.org/ASA-201904-1","reference_id":"ASA-201904-1","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201904-1"},{"reference_url":"https://security.archlinux.org/AVG-889","reference_id":"AVG-889","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-889"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1080","reference_id":"RHSA-2020:1080","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1600","reference_id":"RHSA-2020:1600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1600"},{"reference_url":"https://usn.ubuntu.com/3998-1/","reference_id":"USN-3998-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3998-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39304?format=json","purl":"pkg:deb/debian/evolution@3.30.5-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.30.5-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2018-15587"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pcu-prtr-bqhg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178293?format=json","vulnerability_id":"VCID-9du9-wsr8-d7ay","summary":"Multiple vulnerabilities in Evolution may allow for user-assisted execution\n    of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1109.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1109.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1109","reference_id":"","reference_type":"","scores":[{"value":"0.04236","scoring_system":"epss","scoring_elements":"0.8902","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1109"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1109"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=448541","reference_id":"448541","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=448541"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484639","reference_id":"484639","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484639"},{"reference_url":"https://security.gentoo.org/glsa/200806-06","reference_id":"GLSA-200806-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200806-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0514","reference_id":"RHSA-2008:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0515","reference_id":"RHSA-2008:0515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0515"},{"reference_url":"https://usn.ubuntu.com/615-1/","reference_id":"USN-615-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/615-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39300?format=json","purl":"pkg:deb/debian/evolution@2.22.2-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.22.2-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2008-1109"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9du9-wsr8-d7ay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199957?format=json","vulnerability_id":"VCID-eah3-vbhe-4bgz","summary":"Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0102.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0102.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0102","reference_id":"","reference_type":"","scores":[{"value":"0.00599","scoring_system":"epss","scoring_elements":"0.69912","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0102"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0102","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0102"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617460","reference_id":"1617460","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617460"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295548","reference_id":"295548","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=295548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:238","reference_id":"RHSA-2005:238","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:238"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:397","reference_id":"RHSA-2005:397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:397"},{"reference_url":"https://usn.ubuntu.com/69-1/","reference_id":"USN-69-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/69-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39286?format=json","purl":"pkg:deb/debian/evolution@2.0.3-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.0.3-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2005-0102"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eah3-vbhe-4bgz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185666?format=json","vulnerability_id":"VCID-f121-myv6-6ua1","summary":"A vulnerability has been discovered in Evolution allowing for the execution\n    of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1002.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1002.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1002","reference_id":"","reference_type":"","scores":[{"value":"0.1249","scoring_system":"epss","scoring_elements":"0.94081","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1002"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=233587","reference_id":"233587","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=233587"},{"reference_url":"https://security.gentoo.org/glsa/200706-02","reference_id":"GLSA-200706-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200706-02"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0158","reference_id":"RHSA-2007:0158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0158"},{"reference_url":"https://usn.ubuntu.com/442-1/","reference_id":"USN-442-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/442-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39296?format=json","purl":"pkg:deb/debian/evolution@2.10.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.10.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2007-1002"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f121-myv6-6ua1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200314?format=json","vulnerability_id":"VCID-fh7r-rv78-pkcd","summary":"The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains \"Content-Disposition: inline\" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0528","reference_id":"","reference_type":"","scores":[{"value":"0.05109","scoring_system":"epss","scoring_elements":"0.90052","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-0528"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0528","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0528"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27145.txt","reference_id":"CVE-2006-0528;OSVDB-22923","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27145.txt"},{"reference_url":"https://www.securityfocus.com/bid/16408/info","reference_id":"CVE-2006-0528;OSVDB-22923","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/16408/info"},{"reference_url":"https://usn.ubuntu.com/265-1/","reference_id":"USN-265-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/265-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39293?format=json","purl":"pkg:deb/debian/evolution@2.2.3-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.2.3-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2006-0528"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fh7r-rv78-pkcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200408?format=json","vulnerability_id":"VCID-h4xp-q36b-87e1","summary":"Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when \"load images if sender in addressbook\" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted \"From\" header that triggers an assert error in camel-internet-address.c when a null pointer is used.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2789.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2789.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2789","reference_id":"","reference_type":"","scores":[{"value":"0.00786","scoring_system":"epss","scoring_elements":"0.7425","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2006-2789"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2789","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2789"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39295?format=json","purl":"pkg:deb/debian/evolution@2.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.4.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2006-2789"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h4xp-q36b-87e1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199445?format=json","vulnerability_id":"VCID-j255-6yat-pkew","summary":"The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1471","reference_id":"","reference_type":"","scores":[{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59579","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1471"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=280883","reference_id":"280883","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=280883"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39270?format=json","purl":"pkg:deb/debian/evolution@1.2.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@1.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2002-1471"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j255-6yat-pkew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199504?format=json","vulnerability_id":"VCID-j4pn-f41d-fqd2","summary":"Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0129.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0129.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0129","reference_id":"","reference_type":"","scores":[{"value":"0.20218","scoring_system":"epss","scoring_elements":"0.95647","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0129"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0129","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0129"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616972","reference_id":"1616972","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616972"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22369.txt","reference_id":"CVE-2003-0129;OSVDB-9795","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22369.txt"},{"reference_url":"https://www.securityfocus.com/bid/7117/info","reference_id":"CVE-2003-0129;OSVDB-9795","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7117/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:108","reference_id":"RHSA-2003:108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:108"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39278?format=json","purl":"pkg:deb/debian/evolution@1.2.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@1.2.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2003-0129"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j4pn-f41d-fqd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199460?format=json","vulnerability_id":"VCID-jz4u-yebn-gbbw","summary":"Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption and crash) via an email with a malformed MIME header.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1765","reference_id":"","reference_type":"","scores":[{"value":"0.00911","scoring_system":"epss","scoring_elements":"0.76307","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1765"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39277?format=json","purl":"pkg:deb/debian/evolution@1.0.5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@1.0.5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2002-1765"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jz4u-yebn-gbbw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178292?format=json","vulnerability_id":"VCID-kp8e-yu4x-2ygc","summary":"Multiple vulnerabilities in Evolution may allow for user-assisted execution\n    of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1108.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1108.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1108","reference_id":"","reference_type":"","scores":[{"value":"0.04236","scoring_system":"epss","scoring_elements":"0.8902","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-1108"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1108"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=448540","reference_id":"448540","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=448540"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484639","reference_id":"484639","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=484639"},{"reference_url":"https://security.gentoo.org/glsa/200806-06","reference_id":"GLSA-200806-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200806-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0514","reference_id":"RHSA-2008:0514","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0514"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0515","reference_id":"RHSA-2008:0515","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0515"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0516","reference_id":"RHSA-2008:0516","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0516"},{"reference_url":"https://access.redhat.com/errata/RHSA-2008:0517","reference_id":"RHSA-2008:0517","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2008:0517"},{"reference_url":"https://usn.ubuntu.com/615-1/","reference_id":"USN-615-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/615-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39300?format=json","purl":"pkg:deb/debian/evolution@2.22.2-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.22.2-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2008-1108"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kp8e-yu4x-2ygc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200039?format=json","vulnerability_id":"VCID-n19y-rxv1-x7f7","summary":"Evolution 2.0.3 allows remote attackers to cause a denial of service (application crash or hang) via crafted messages, possibly involving charsets in attachment filenames.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0806.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0806.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0806","reference_id":"","reference_type":"","scores":[{"value":"0.00911","scoring_system":"epss","scoring_elements":"0.76307","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0806"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0806","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0806"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617583","reference_id":"1617583","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:397","reference_id":"RHSA-2005:397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:397"},{"reference_url":"https://usn.ubuntu.com/166-1/","reference_id":"USN-166-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/166-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39289?format=json","purl":"pkg:deb/debian/evolution@2.0.4-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.0.4-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2005-0806"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n19y-rxv1-x7f7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199505?format=json","vulnerability_id":"VCID-uwpv-btmf-yyas","summary":"The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0130.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0130.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0130","reference_id":"","reference_type":"","scores":[{"value":"0.13546","scoring_system":"epss","scoring_elements":"0.94389","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0130"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0130","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0130"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616973","reference_id":"1616973","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616973"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22371.txt","reference_id":"CVE-2003-0130;OSVDB-13491","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22371.txt"},{"reference_url":"https://www.securityfocus.com/bid/7119/info","reference_id":"CVE-2003-0130;OSVDB-13491","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7119/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:108","reference_id":"RHSA-2003:108","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:108"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39278?format=json","purl":"pkg:deb/debian/evolution@1.2.3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@1.2.3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2003-0130"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uwpv-btmf-yyas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/200168?format=json","vulnerability_id":"VCID-vtz9-3sep-yqhh","summary":"Format string vulnerability in Evolution 1.4 through 2.3.6.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the calendar entries such as task lists, which are not properly handled when the user selects the Calendars tab.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2550.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2550.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2550","reference_id":"","reference_type":"","scores":[{"value":"0.05157","scoring_system":"epss","scoring_elements":"0.90102","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2550"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617732","reference_id":"1617732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617732"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322535","reference_id":"322535","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=322535"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:267","reference_id":"RHSA-2005:267","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:267"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39290?format=json","purl":"pkg:deb/debian/evolution@2.2.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@2.2.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2005-2550"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtz9-3sep-yqhh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212593?format=json","vulnerability_id":"VCID-xd3g-wmgc-g7dd","summary":"gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0541.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0541.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0541","reference_id":"","reference_type":"","scores":[{"value":"0.01108","scoring_system":"epss","scoring_elements":"0.78529","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0541"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617047","reference_id":"1617047","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617047"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:264","reference_id":"RHSA-2003:264","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:264"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/39285?format=json","purl":"pkg:deb/debian/evolution@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39271?format=json","purl":"pkg:deb/debian/evolution@3.38.3-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39269?format=json","purl":"pkg:deb/debian/evolution@3.46.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.46.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39275?format=json","purl":"pkg:deb/debian/evolution@3.56.2-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/39272?format=json","purl":"pkg:deb/debian/evolution@3.56.2-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.56.2-9%3Fdistro=trixie"}],"aliases":["CVE-2003-0541"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xd3g-wmgc-g7dd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/evolution@3.38.3-1%252Bdeb11u2%3Fdistro=trixie"}