{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","type":"deb","namespace":"debian","name":"file","version":"1:5.39-3+deb11u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1:5.44-1","latest_non_vulnerable_version":"1:5.47-4","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201437?format=json","vulnerability_id":"VCID-2997-gyrf-cufm","summary":"Heap-based buffer overflow in the cdf_read_sat function in src/cdf.c in Christos Zoulas file 5.00 allows user-assisted remote attackers to execute arbitrary code via a crafted compound document file, as demonstrated by a .msi, .doc, or .mpp file.  NOTE: some of these details are obtained from third party information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1515.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1515.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1515","reference_id":"","reference_type":"","scores":[{"value":"0.04179","scoring_system":"epss","scoring_elements":"0.88951","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1515"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=497913","reference_id":"497913","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=497913"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40390?format=json","purl":"pkg:deb/debian/file@5.02-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2009-1515"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2997-gyrf-cufm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109642?format=json","vulnerability_id":"VCID-2rxb-jn9e-87c3","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3538.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3538.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3538","reference_id":"","reference_type":"","scores":[{"value":"0.33041","scoring_system":"epss","scoring_elements":"0.97008","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1098222","reference_id":"1098222","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1098222"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1327","reference_id":"RHSA-2014:1327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/2278-1/","reference_id":"USN-2278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2278-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-3538"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2rxb-jn9e-87c3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199639?format=json","vulnerability_id":"VCID-4b4y-44tf-p3an","summary":"Unknown vulnerability in the \"Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to \"a memory allocation problem,\" has unknown impact.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-1092","reference_id":"","reference_type":"","scores":[{"value":"0.20795","scoring_system":"epss","scoring_elements":"0.95738","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-1092"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1092","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-1092"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22326.c","reference_id":"CVE-2003-1092;OSVDB-14743","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22326.c"},{"reference_url":"http://www.idefense.com/advisory/03.04.03.txt","reference_id":"CVE-2003-1092;OSVDB-14743","reference_type":"exploit","scores":[],"url":"http://www.idefense.com/advisory/03.04.03.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40382?format=json","purl":"pkg:deb/debian/file@3.4.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@3.4.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2003-1092"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4b4y-44tf-p3an"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201590?format=json","vulnerability_id":"VCID-4s7n-gprx-2bay","summary":"Multiple integer overflows in Christos Zoulas file before 5.02 allow user-assisted remote attackers to have an unspecified impact via a malformed compound document (aka cdf) file that triggers a buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3930","reference_id":"","reference_type":"","scores":[{"value":"0.00876","scoring_system":"epss","scoring_elements":"0.75721","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3930"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3930","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3930"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40394?format=json","purl":"pkg:deb/debian/file@5.03-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.03-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2009-3930"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4s7n-gprx-2bay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6621?format=json","vulnerability_id":"VCID-4z1u-8azq-ufdr","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18218.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18218.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18218","reference_id":"","reference_type":"","scores":[{"value":"0.00174","scoring_system":"epss","scoring_elements":"0.38605","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18218"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18218","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18218"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1765272","reference_id":"1765272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1765272"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942830","reference_id":"942830","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942830"},{"reference_url":"https://security.archlinux.org/ASA-202001-2","reference_id":"ASA-202001-2","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202001-2"},{"reference_url":"https://security.archlinux.org/AVG-1083","reference_id":"AVG-1083","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1083"},{"reference_url":"https://security.gentoo.org/glsa/202003-24","reference_id":"GLSA-202003-24","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202003-24"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4374","reference_id":"RHSA-2021:4374","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4374"},{"reference_url":"https://usn.ubuntu.com/4172-1/","reference_id":"USN-4172-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4172-1/"},{"reference_url":"https://usn.ubuntu.com/4172-2/","reference_id":"USN-4172-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4172-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40434?format=json","purl":"pkg:deb/debian/file@1:5.37-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.37-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2019-18218"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4z1u-8azq-ufdr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7301?format=json","vulnerability_id":"VCID-54b2-2ak7-nugd","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8906.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8906.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8906","reference_id":"","reference_type":"","scores":[{"value":"0.00097","scoring_system":"epss","scoring_elements":"0.26818","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8906"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8906"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679175","reference_id":"1679175","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679175"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922969","reference_id":"922969","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922969"},{"reference_url":"https://security.archlinux.org/ASA-201903-5","reference_id":"ASA-201903-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-5"},{"reference_url":"https://security.archlinux.org/AVG-907","reference_id":"AVG-907","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-907"},{"reference_url":"https://usn.ubuntu.com/3911-1/","reference_id":"USN-3911-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3911-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40437?format=json","purl":"pkg:deb/debian/file@1:5.35-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2019-8906"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-54b2-2ak7-nugd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109628?format=json","vulnerability_id":"VCID-6gmr-nfnu-9fba","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0207.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0207.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0207","reference_id":"","reference_type":"","scores":[{"value":"0.09152","scoring_system":"epss","scoring_elements":"0.92868","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721"},{"reference_url":"http://mx.gw.com/pipermail/file/2014/001553.html","reference_id":"001553.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://mx.gw.com/pipermail/file/2014/001553.html"},{"reference_url":"http://secunia.com/advisories/59794","reference_id":"59794","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://secunia.com/advisories/59794"},{"reference_url":"http://secunia.com/advisories/59831","reference_id":"59831","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://secunia.com/advisories/59831"},{"reference_url":"http://www.securityfocus.com/bid/68243","reference_id":"68243","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://www.securityfocus.com/bid/68243"},{"reference_url":"https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391","reference_id":"6d209c1c489457397a5763bca4b28e43aac90391","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"https://github.com/file/file/commit/6d209c1c489457397a5763bca4b28e43aac90391"},{"reference_url":"https://bugs.php.net/bug.php?id=67326","reference_id":"bug.php?id=67326","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"https://bugs.php.net/bug.php?id=67326"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html","reference_id":"bulletinjan2015-2370101.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"},{"reference_url":"http://www.php.net/ChangeLog-5.php","reference_id":"ChangeLog-5.php","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://www.php.net/ChangeLog-5.php"},{"reference_url":"http://www.debian.org/security/2014/dsa-2974","reference_id":"dsa-2974","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://www.debian.org/security/2014/dsa-2974"},{"reference_url":"http://www.debian.org/security/2014/dsa-3021","reference_id":"dsa-3021","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://www.debian.org/security/2014/dsa-3021"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"HT204659","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://support.apple.com/kb/HT6443","reference_id":"HT6443","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://support.apple.com/kb/HT6443"},{"reference_url":"http://marc.info/?l=bugtraq&m=141017844705317&w=2","reference_id":"?l=bugtraq&m=141017844705317&w=2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://marc.info/?l=bugtraq&m=141017844705317&w=2"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"linuxbulletinoct2015-2719645.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html","reference_id":"msg00046.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1013","reference_id":"RHSA-2014:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html","reference_id":"RHSA-2014-1765.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html","reference_id":"RHSA-2014-1766.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1091842","reference_id":"show_bug.cgi?id=1091842","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:29:01Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1091842"},{"reference_url":"https://usn.ubuntu.com/2276-1/","reference_id":"USN-2276-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2276-1/"},{"reference_url":"https://usn.ubuntu.com/2278-1/","reference_id":"USN-2278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2278-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-0207"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6gmr-nfnu-9fba"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7299?format=json","vulnerability_id":"VCID-6ntb-aggd-hbb3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8904.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8904.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8904","reference_id":"","reference_type":"","scores":[{"value":"0.01089","scoring_system":"epss","scoring_elements":"0.78334","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8904"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679188","reference_id":"1679188","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679188"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922967","reference_id":"922967","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922967"},{"reference_url":"https://security.archlinux.org/ASA-201903-5","reference_id":"ASA-201903-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-5"},{"reference_url":"https://security.archlinux.org/AVG-907","reference_id":"AVG-907","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-907"},{"reference_url":"https://usn.ubuntu.com/3911-1/","reference_id":"USN-3911-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3911-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40437?format=json","purl":"pkg:deb/debian/file@1:5.35-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2019-8904"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ntb-aggd-hbb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87467?format=json","vulnerability_id":"VCID-7wpf-f12u-nua6","summary":"file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1571.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1571.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1571","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55938","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-1571"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1571"},{"reference_url":"http://mx.gw.com/pipermail/file/2012/000914.html","reference_id":"000914.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/"}],"url":"http://mx.gw.com/pipermail/file/2012/000914.html"},{"reference_url":"https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295","reference_id":"1859fdb4e67c49c463c4e0078054335cd46ba295","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/"}],"url":"https://github.com/glensc/file/commit/1859fdb4e67c49c463c4e0078054335cd46ba295"},{"reference_url":"https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b","reference_id":"1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/"}],"url":"https://github.com/glensc/file/commit/1aec04dbf8a24b8a6ba64c4f74efa0628e36db0b"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664263","reference_id":"664263","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664263"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=805197","reference_id":"805197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=805197"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:035","reference_id":"advisories?name=MDVSA-2012:035","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/"}],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:035"},{"reference_url":"http://www.debian.org/security/2012/dsa-2422","reference_id":"dsa-2422","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/"}],"url":"http://www.debian.org/security/2012/dsa-2422"},{"reference_url":"https://security.gentoo.org/glsa/201209-14","reference_id":"GLSA-201209-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201209-14"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1012","reference_id":"RHSA-2014:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1606","reference_id":"RHSA-2014:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1606"},{"reference_url":"https://usn.ubuntu.com/2123-1/","reference_id":"USN-2123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2123-1/"},{"reference_url":"http://www.ubuntu.com/usn/USN-2123-1","reference_id":"USN-2123-1","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:30:57Z/"}],"url":"http://www.ubuntu.com/usn/USN-2123-1"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40398?format=json","purl":"pkg:deb/debian/file@5.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2012-1571"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7wpf-f12u-nua6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109638?format=json","vulnerability_id":"VCID-a57x-d3w6-d3es","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3480.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3480.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3480","reference_id":"","reference_type":"","scores":[{"value":"0.03336","scoring_system":"epss","scoring_elements":"0.87571","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721"},{"reference_url":"http://mx.gw.com/pipermail/file/2014/001553.html","reference_id":"001553.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://mx.gw.com/pipermail/file/2014/001553.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1104858","reference_id":"1104858","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1104858"},{"reference_url":"https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382","reference_id":"40bade80cbe2af1d0b2cd0420cebd5d5905a2382","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"https://github.com/file/file/commit/40bade80cbe2af1d0b2cd0420cebd5d5905a2382"},{"reference_url":"http://secunia.com/advisories/59794","reference_id":"59794","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://secunia.com/advisories/59794"},{"reference_url":"http://secunia.com/advisories/59831","reference_id":"59831","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://secunia.com/advisories/59831"},{"reference_url":"http://www.securityfocus.com/bid/68238","reference_id":"68238","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://www.securityfocus.com/bid/68238"},{"reference_url":"https://bugs.php.net/bug.php?id=67412","reference_id":"bug.php?id=67412","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"https://bugs.php.net/bug.php?id=67412"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html","reference_id":"bulletinjan2015-2370101.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"},{"reference_url":"http://www.php.net/ChangeLog-5.php","reference_id":"ChangeLog-5.php","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://www.php.net/ChangeLog-5.php"},{"reference_url":"http://www.debian.org/security/2014/dsa-2974","reference_id":"dsa-2974","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://www.debian.org/security/2014/dsa-2974"},{"reference_url":"http://www.debian.org/security/2014/dsa-3021","reference_id":"dsa-3021","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://www.debian.org/security/2014/dsa-3021"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"HT204659","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://support.apple.com/kb/HT6443","reference_id":"HT6443","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://support.apple.com/kb/HT6443"},{"reference_url":"http://marc.info/?l=bugtraq&m=141017844705317&w=2","reference_id":"?l=bugtraq&m=141017844705317&w=2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://marc.info/?l=bugtraq&m=141017844705317&w=2"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"linuxbulletinoct2015-2719645.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html","reference_id":"msg00046.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1012","reference_id":"RHSA-2014:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1013","reference_id":"RHSA-2014:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1606","reference_id":"RHSA-2014:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html","reference_id":"RHSA-2014-1765.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html","reference_id":"RHSA-2014-1766.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:25:26Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://usn.ubuntu.com/2276-1/","reference_id":"USN-2276-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2276-1/"},{"reference_url":"https://usn.ubuntu.com/2278-1/","reference_id":"USN-2278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2278-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-3480"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a57x-d3w6-d3es"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180860?format=json","vulnerability_id":"VCID-ac7m-esr9-gkd8","summary":"A vulnerability has been discovered in file allowing for a denial of\n    service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2026.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2026.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2026","reference_id":"","reference_type":"","scores":[{"value":"0.03698","scoring_system":"epss","scoring_elements":"0.88215","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2026"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2026"},{"reference_url":"https://security.gentoo.org/glsa/200704-13","reference_id":"GLSA-200704-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200704-13"},{"reference_url":"https://security.gentoo.org/glsa/201412-11","reference_id":"GLSA-201412-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40387?format=json","purl":"pkg:deb/debian/file@4.20-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.20-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2007-2026"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ac7m-esr9-gkd8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113156?format=json","vulnerability_id":"VCID-caj7-x7cq-53eg","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9652.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9652.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9652","reference_id":"","reference_type":"","scores":[{"value":"0.06907","scoring_system":"epss","scoring_elements":"0.91595","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9652"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1188599","reference_id":"1188599","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1188599"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1053","reference_id":"RHSA-2015:1053","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1053"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1066","reference_id":"RHSA-2015:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1135","reference_id":"RHSA-2015:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://usn.ubuntu.com/2501-1/","reference_id":"USN-2501-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2501-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40416?format=json","purl":"pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-9652"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-caj7-x7cq-53eg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/4370?format=json","vulnerability_id":"VCID-enm9-4hez-n3ce","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10360.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10360.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10360","reference_id":"","reference_type":"","scores":[{"value":"0.00499","scoring_system":"epss","scoring_elements":"0.66385","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-10360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10360"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590000","reference_id":"1590000","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1590000"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901351","reference_id":"901351","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901351"},{"reference_url":"https://security.gentoo.org/glsa/201806-08","reference_id":"GLSA-201806-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201806-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1022","reference_id":"RHSA-2020:1022","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1022"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2521","reference_id":"RHSA-2020:2521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2768","reference_id":"RHSA-2020:2768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:2838","reference_id":"RHSA-2020:2838","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:2838"},{"reference_url":"https://usn.ubuntu.com/3686-1/","reference_id":"USN-3686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-1/"},{"reference_url":"https://usn.ubuntu.com/3686-2/","reference_id":"USN-3686-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40432?format=json","purl":"pkg:deb/debian/file@1:5.33-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.33-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2018-10360"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-enm9-4hez-n3ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7302?format=json","vulnerability_id":"VCID-f3xu-3kcd-hygz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8907.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8907","reference_id":"","reference_type":"","scores":[{"value":"0.0053","scoring_system":"epss","scoring_elements":"0.67683","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8907"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679138","reference_id":"1679138","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679138"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968","reference_id":"922968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968"},{"reference_url":"https://security.archlinux.org/ASA-201903-5","reference_id":"ASA-201903-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-5"},{"reference_url":"https://security.archlinux.org/AVG-907","reference_id":"AVG-907","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-907"},{"reference_url":"https://usn.ubuntu.com/3911-1/","reference_id":"USN-3911-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3911-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40437?format=json","purl":"pkg:deb/debian/file@1:5.35-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2019-8907"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f3xu-3kcd-hygz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109229?format=json","vulnerability_id":"VCID-f4vy-zh2v-hub1","summary":"several","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7345.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7345.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7345","reference_id":"","reference_type":"","scores":[{"value":"0.01128","scoring_system":"epss","scoring_elements":"0.78714","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3669"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3670"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1079846","reference_id":"1079846","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1079846"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993","reference_id":"703993","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=703993"},{"reference_url":"https://security.gentoo.org/glsa/201408-08","reference_id":"GLSA-201408-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-08"},{"reference_url":"https://security.gentoo.org/glsa/201408-11","reference_id":"GLSA-201408-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1013","reference_id":"RHSA-2014:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://usn.ubuntu.com/2278-1/","reference_id":"USN-2278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2278-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40403?format=json","purl":"pkg:deb/debian/file@1:5.17-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2013-7345"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f4vy-zh2v-hub1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184583?format=json","vulnerability_id":"VCID-fvst-sj5n-23aj","summary":"Multiple vulnerabilities have been discovered in PHP, the worst of\n    which could lead to remote execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4636.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4636.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4636","reference_id":"","reference_type":"","scores":[{"value":"0.00326","scoring_system":"epss","scoring_elements":"0.55954","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4636"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=977463","reference_id":"977463","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=977463"},{"reference_url":"https://security.gentoo.org/glsa/201408-11","reference_id":"GLSA-201408-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-11"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40401?format=json","purl":"pkg:deb/debian/file@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2013-4636"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fvst-sj5n-23aj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203267?format=json","vulnerability_id":"VCID-fzx9-tgtg-7faq","summary":"file before 5.18, as used in the Fileinfo component in PHP before 5.6.0, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a zero root_storage value in a CDF file, related to cdf.c and readcdf.c.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0236.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0236.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0236","reference_id":"","reference_type":"","scores":[{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69436","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0236"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0236","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0236"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1098209","reference_id":"1098209","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1098209"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-0236"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fzx9-tgtg-7faq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201500?format=json","vulnerability_id":"VCID-g2gm-y1ax-rydd","summary":"Multiple buffer overflows in Christos Zoulas file before 5.03 in Apple Mac OS X 10.6.x before 10.6.2 allow user-assisted remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted Common Document Format (CDF) file.  NOTE: this might overlap CVE-2009-1515.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2830","reference_id":"","reference_type":"","scores":[{"value":"0.01614","scoring_system":"epss","scoring_elements":"0.82194","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-2830"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2830","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2830"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40394?format=json","purl":"pkg:deb/debian/file@5.03-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.03-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2009-2830"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g2gm-y1ax-rydd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199499?format=json","vulnerability_id":"VCID-g7n2-9fxn-m7hj","summary":"Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0102.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0102.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0102","reference_id":"","reference_type":"","scores":[{"value":"0.05745","scoring_system":"epss","scoring_elements":"0.90654","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0102"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0102","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0102"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616966","reference_id":"1616966","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616966"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22324.c","reference_id":"CVE-2003-0102;OSVDB-6456","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22324.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22325.c","reference_id":"CVE-2003-0102;OSVDB-6456","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/local/22325.c"},{"reference_url":"https://www.securityfocus.com/bid/7008/info","reference_id":"CVE-2003-0102;OSVDB-6456","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7008/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:086","reference_id":"RHSA-2003:086","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:087","reference_id":"RHSA-2003:087","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:087"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40376?format=json","purl":"pkg:deb/debian/file@3.40-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@3.40-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2003-0102"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g7n2-9fxn-m7hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113153?format=json","vulnerability_id":"VCID-h7pq-fbx3-u3be","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8116.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8116.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8116","reference_id":"","reference_type":"","scores":[{"value":"0.15876","scoring_system":"epss","scoring_elements":"0.94902","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1171580","reference_id":"1171580","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1171580"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148","reference_id":"773148","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/2494-1/","reference_id":"USN-2494-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2494-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40416?format=json","purl":"pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-8116"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h7pq-fbx3-u3be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184875?format=json","vulnerability_id":"VCID-hdnw-aatb-6fa4","summary":"A vulnerability has been discovered in file, which could lead to a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48554.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48554","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06714","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-48554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48554"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235714","reference_id":"2235714","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2235714"},{"reference_url":"https://security.gentoo.org/glsa/202409-06","reference_id":"GLSA-202409-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-06"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2512","reference_id":"RHSA-2024:2512","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2512"},{"reference_url":"https://usn.ubuntu.com/6359-1/","reference_id":"USN-6359-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6359-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40448?format=json","purl":"pkg:deb/debian/file@1:5.44-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2022-48554"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hdnw-aatb-6fa4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176357?format=json","vulnerability_id":"VCID-jrq7-j2pg-9qdb","summary":"An integer underflow vulnerability has been reported in The Sleuth Kit\n    allowing for the user-assisted execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1536.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-1536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1536","reference_id":"","reference_type":"","scores":[{"value":"0.41927","scoring_system":"epss","scoring_elements":"0.9752","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-1536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1536"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=233164","reference_id":"233164","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=233164"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=415362","reference_id":"415362","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=415362"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29753.c","reference_id":"CVE-2007-1536;OSVDB-34285","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/29753.c"},{"reference_url":"https://www.securityfocus.com/bid/23021/info","reference_id":"CVE-2007-1536;OSVDB-34285","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/23021/info"},{"reference_url":"https://security.gentoo.org/glsa/200703-26","reference_id":"GLSA-200703-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200703-26"},{"reference_url":"https://security.gentoo.org/glsa/200710-19","reference_id":"GLSA-200710-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200710-19"},{"reference_url":"https://security.gentoo.org/glsa/201412-11","reference_id":"GLSA-201412-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0124","reference_id":"RHSA-2007:0124","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0124"},{"reference_url":"https://usn.ubuntu.com/439-1/","reference_id":"USN-439-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/439-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40384?format=json","purl":"pkg:deb/debian/file@4.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2007-1536"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jrq7-j2pg-9qdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212783?format=json","vulnerability_id":"VCID-k95h-satb-8qha","summary":"The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4605.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4605.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4605","reference_id":"","reference_type":"","scores":[{"value":"0.09106","scoring_system":"epss","scoring_elements":"0.92849","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4605"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1213442","reference_id":"1213442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1213442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1066","reference_id":"RHSA-2015:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1135","reference_id":"RHSA-2015:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1186","reference_id":"RHSA-2015:1186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1187","reference_id":"RHSA-2015:1187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1187"},{"reference_url":"https://usn.ubuntu.com/2658-1/","reference_id":"USN-2658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2658-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40401?format=json","purl":"pkg:deb/debian/file@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2015-4605"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k95h-satb-8qha"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/211?format=json","vulnerability_id":"VCID-kdmj-rqns-8kbf","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3587.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3587","reference_id":"","reference_type":"","scores":[{"value":"0.30214","scoring_system":"epss","scoring_elements":"0.96793","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1128587","reference_id":"1128587","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1128587"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1326","reference_id":"RHSA-2014:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1327","reference_id":"RHSA-2014:1327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1327"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/2344-1/","reference_id":"USN-2344-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2344-1/"},{"reference_url":"https://usn.ubuntu.com/2369-1/","reference_id":"USN-2369-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2369-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40412?format=json","purl":"pkg:deb/debian/file@1:5.19-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-3587"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kdmj-rqns-8kbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109636?format=json","vulnerability_id":"VCID-khms-yw8t-qfer","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3479.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3479.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3479","reference_id":"","reference_type":"","scores":[{"value":"0.05923","scoring_system":"epss","scoring_elements":"0.90824","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1104869","reference_id":"1104869","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1104869"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1012","reference_id":"RHSA-2014:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1013","reference_id":"RHSA-2014:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1606","reference_id":"RHSA-2014:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://usn.ubuntu.com/2276-1/","reference_id":"USN-2276-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2276-1/"},{"reference_url":"https://usn.ubuntu.com/2278-1/","reference_id":"USN-2278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2278-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-3479"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khms-yw8t-qfer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113155?format=json","vulnerability_id":"VCID-kxqd-1yvq-4yh8","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9620.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9620.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9620","reference_id":"","reference_type":"","scores":[{"value":"0.072","scoring_system":"epss","scoring_elements":"0.91788","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1180639","reference_id":"1180639","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1180639"},{"reference_url":"https://security.gentoo.org/glsa/201503-08","reference_id":"GLSA-201503-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/3686-1/","reference_id":"USN-3686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40416?format=json","purl":"pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-9620"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kxqd-1yvq-4yh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176160?format=json","vulnerability_id":"VCID-m512-jah9-v3cf","summary":"The code for parsing ELF headers in file contains a flaw which may allow an\n    attacker to execute arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1304","reference_id":"","reference_type":"","scores":[{"value":"0.0572","scoring_system":"epss","scoring_elements":"0.90632","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1304"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24784.txt","reference_id":"CVE-2004-1304;OSVDB-12255","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/24784.txt"},{"reference_url":"https://www.securityfocus.com/bid/11771/info","reference_id":"CVE-2004-1304;OSVDB-12255","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/11771/info"},{"reference_url":"https://security.gentoo.org/glsa/200412-07","reference_id":"GLSA-200412-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200412-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40383?format=json","purl":"pkg:deb/debian/file@4.12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2004-1304"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m512-jah9-v3cf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109609?format=json","vulnerability_id":"VCID-mpsz-xmaf-pfb6","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0237.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0237.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0237","reference_id":"","reference_type":"","scores":[{"value":"0.2611","scoring_system":"epss","scoring_elements":"0.9641","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1098193","reference_id":"1098193","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1098193"},{"reference_url":"https://security.gentoo.org/glsa/201408-11","reference_id":"GLSA-201408-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1012","reference_id":"RHSA-2014:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1013","reference_id":"RHSA-2014:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1606","reference_id":"RHSA-2014:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://usn.ubuntu.com/2254-1/","reference_id":"USN-2254-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2254-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-0237"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mpsz-xmaf-pfb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/113931?format=json","vulnerability_id":"VCID-mptw-rvy9-ska3","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9653.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9653.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9653","reference_id":"","reference_type":"","scores":[{"value":"0.06827","scoring_system":"epss","scoring_elements":"0.91543","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9653"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190116","reference_id":"1190116","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1190116"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777585","reference_id":"777585","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777585"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/3686-1/","reference_id":"USN-3686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40424?format=json","purl":"pkg:deb/debian/file@1:5.22%2B15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.22%252B15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-9653"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mptw-rvy9-ska3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111180?format=json","vulnerability_id":"VCID-p5ct-6pba-bqeg","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8117.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8117.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8117","reference_id":"","reference_type":"","scores":[{"value":"0.16453","scoring_system":"epss","scoring_elements":"0.95038","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-8117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8116"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9620"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9652"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174606","reference_id":"1174606","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1174606"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148","reference_id":"773148","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773148"},{"reference_url":"https://security.gentoo.org/glsa/201412-48","reference_id":"GLSA-201412-48","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-48"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/2494-1/","reference_id":"USN-2494-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2494-1/"},{"reference_url":"https://usn.ubuntu.com/2535-1/","reference_id":"USN-2535-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2535-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40416?format=json","purl":"pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-8117"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p5ct-6pba-bqeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109634?format=json","vulnerability_id":"VCID-rw7r-x5jb-ryex","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3478.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3478","reference_id":"","reference_type":"","scores":[{"value":"0.37602","scoring_system":"epss","scoring_elements":"0.97297","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721"},{"reference_url":"http://mx.gw.com/pipermail/file/2014/001553.html","reference_id":"001553.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://mx.gw.com/pipermail/file/2014/001553.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1104863","reference_id":"1104863","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1104863"},{"reference_url":"https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08","reference_id":"27a14bc7ba285a0a5ebfdb55e54001aa11932b08","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"https://github.com/file/file/commit/27a14bc7ba285a0a5ebfdb55e54001aa11932b08"},{"reference_url":"http://secunia.com/advisories/59794","reference_id":"59794","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://secunia.com/advisories/59794"},{"reference_url":"http://secunia.com/advisories/59831","reference_id":"59831","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://secunia.com/advisories/59831"},{"reference_url":"http://www.securityfocus.com/bid/68239","reference_id":"68239","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://www.securityfocus.com/bid/68239"},{"reference_url":"https://bugs.php.net/bug.php?id=67410","reference_id":"bug.php?id=67410","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"https://bugs.php.net/bug.php?id=67410"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html","reference_id":"bulletinjan2015-2370101.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"},{"reference_url":"http://www.php.net/ChangeLog-5.php","reference_id":"ChangeLog-5.php","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://www.php.net/ChangeLog-5.php"},{"reference_url":"http://www.debian.org/security/2014/dsa-2974","reference_id":"dsa-2974","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://www.debian.org/security/2014/dsa-2974"},{"reference_url":"http://www.debian.org/security/2014/dsa-3021","reference_id":"dsa-3021","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://www.debian.org/security/2014/dsa-3021"},{"reference_url":"https://support.apple.com/HT204659","reference_id":"HT204659","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"https://support.apple.com/HT204659"},{"reference_url":"http://support.apple.com/kb/HT6443","reference_id":"HT6443","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://support.apple.com/kb/HT6443"},{"reference_url":"http://marc.info/?l=bugtraq&m=141017844705317&w=2","reference_id":"?l=bugtraq&m=141017844705317&w=2","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://marc.info/?l=bugtraq&m=141017844705317&w=2"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"linuxbulletinoct2015-2719645.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html","reference_id":"msg00001.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html","reference_id":"msg00046.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://lists.opensuse.org/opensuse-updates/2014-09/msg00046.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1327","reference_id":"RHSA-2014:1327","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1327"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1327.html","reference_id":"RHSA-2014-1327.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1327.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html","reference_id":"RHSA-2014-1765.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1765.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html","reference_id":"RHSA-2014-1766.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-04T20:26:48Z/"}],"url":"http://rhn.redhat.com/errata/RHSA-2014-1766.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://usn.ubuntu.com/2276-1/","reference_id":"USN-2276-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2276-1/"},{"reference_url":"https://usn.ubuntu.com/2278-1/","reference_id":"USN-2278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2278-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-3478"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rw7r-x5jb-ryex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201407?format=json","vulnerability_id":"VCID-rxvd-kezn-nkab","summary":"Multiple buffer overflows in the (1) cdf_read_sat, (2) cdf_read_long_sector_chain, and (3) cdf_read_ssat function in file before 5.02.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0948.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0948.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0948","reference_id":"","reference_type":"","scores":[{"value":"0.00416","scoring_system":"epss","scoring_elements":"0.62125","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0948"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0948","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0948"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=498682","reference_id":"498682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=498682"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40390?format=json","purl":"pkg:deb/debian/file@5.02-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2009-0948"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxvd-kezn-nkab"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/112160?format=json","vulnerability_id":"VCID-rxxq-8uza-mken","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3710.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3710","reference_id":"","reference_type":"","scores":[{"value":"0.08075","scoring_system":"epss","scoring_elements":"0.9233","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3710"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3710"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1155071","reference_id":"1155071","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1155071"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806","reference_id":"768806","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=768806"},{"reference_url":"https://security.gentoo.org/glsa/201503-03","reference_id":"GLSA-201503-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-03"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1767","reference_id":"RHSA-2014:1767","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1767"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1768","reference_id":"RHSA-2014:1768","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1768"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:0760","reference_id":"RHSA-2016:0760","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:0760"},{"reference_url":"https://usn.ubuntu.com/2391-1/","reference_id":"USN-2391-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2391-1/"},{"reference_url":"https://usn.ubuntu.com/2494-1/","reference_id":"USN-2494-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2494-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40413?format=json","purl":"pkg:deb/debian/file@1:5.20-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.20-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-3710"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rxxq-8uza-mken"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183645?format=json","vulnerability_id":"VCID-s1h1-vb7f-ckgw","summary":"Vulnerabilities in file could allow a context-dependent attack to\n    create a Denial of Service condition.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9621.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9621.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9621","reference_id":"","reference_type":"","scores":[{"value":"0.01102","scoring_system":"epss","scoring_elements":"0.7847","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9621"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9621"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1180642","reference_id":"1180642","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1180642"},{"reference_url":"https://security.gentoo.org/glsa/201503-08","reference_id":"GLSA-201503-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-08"},{"reference_url":"https://usn.ubuntu.com/3686-1/","reference_id":"USN-3686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40416?format=json","purl":"pkg:deb/debian/file@1:5.21%2B15-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.21%252B15-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-9621"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s1h1-vb7f-ckgw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/581?format=json","vulnerability_id":"VCID-t5p7-e9fm-hbe5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json","reference_id":"","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8865.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8865","reference_id":"","reference_type":"","scores":[{"value":"0.01014","scoring_system":"epss","scoring_elements":"0.77573","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8865"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4070"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4073"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323118","reference_id":"1323118","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1323118"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377","reference_id":"827377","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827377"},{"reference_url":"https://security.gentoo.org/glsa/201611-22","reference_id":"GLSA-201611-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201611-22"},{"reference_url":"https://security.gentoo.org/glsa/201701-42","reference_id":"GLSA-201701-42","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-42"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2750","reference_id":"RHSA-2016:2750","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2750"},{"reference_url":"https://usn.ubuntu.com/2984-1/","reference_id":"USN-2984-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2984-1/"},{"reference_url":"https://usn.ubuntu.com/3686-1/","reference_id":"USN-3686-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-1/"},{"reference_url":"https://usn.ubuntu.com/3686-2/","reference_id":"USN-3686-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3686-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40429?format=json","purl":"pkg:deb/debian/file@1:5.24-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.24-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2015-8865"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t5p7-e9fm-hbe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/176358?format=json","vulnerability_id":"VCID-t9da-mp3u-wbg7","summary":"An integer underflow vulnerability has been reported in The Sleuth Kit\n    allowing for the user-assisted execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2799.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-2799.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2799","reference_id":"","reference_type":"","scores":[{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87854","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-2799"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2799"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=241022","reference_id":"241022","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=241022"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428293","reference_id":"428293","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=428293"},{"reference_url":"https://security.gentoo.org/glsa/200705-25","reference_id":"GLSA-200705-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200705-25"},{"reference_url":"https://security.gentoo.org/glsa/200710-19","reference_id":"GLSA-200710-19","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200710-19"},{"reference_url":"https://access.redhat.com/errata/RHSA-2007:0391","reference_id":"RHSA-2007:0391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2007:0391"},{"reference_url":"https://usn.ubuntu.com/439-2/","reference_id":"USN-439-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/439-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40389?format=json","purl":"pkg:deb/debian/file@4.21-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@4.21-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2007-2799"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t9da-mp3u-wbg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111178?format=json","vulnerability_id":"VCID-tqe2-raa9-z7hf","summary":"denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1943.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1943.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1943","reference_id":"","reference_type":"","scores":[{"value":"0.24895","scoring_system":"epss","scoring_elements":"0.96283","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1943"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8117"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1065836","reference_id":"1065836","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1065836"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738832","reference_id":"738832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738832"},{"reference_url":"https://security.gentoo.org/glsa/201403-03","reference_id":"GLSA-201403-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201403-03"},{"reference_url":"https://security.gentoo.org/glsa/201408-11","reference_id":"GLSA-201408-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1012","reference_id":"RHSA-2014:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1606","reference_id":"RHSA-2014:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://usn.ubuntu.com/2123-1/","reference_id":"USN-2123-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2123-1/"},{"reference_url":"https://usn.ubuntu.com/2126-1/","reference_id":"USN-2126-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2126-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40403?format=json","purl":"pkg:deb/debian/file@1:5.17-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-1943"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tqe2-raa9-z7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7300?format=json","vulnerability_id":"VCID-u1eg-wmck-jycb","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8905.json","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-8905.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8905","reference_id":"","reference_type":"","scores":[{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29531","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8905"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8905"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679181","reference_id":"1679181","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1679181"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968","reference_id":"922968","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922968"},{"reference_url":"https://security.archlinux.org/ASA-201903-5","reference_id":"ASA-201903-5","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201903-5"},{"reference_url":"https://security.archlinux.org/AVG-907","reference_id":"AVG-907","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-907"},{"reference_url":"https://usn.ubuntu.com/3911-1/","reference_id":"USN-3911-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3911-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40437?format=json","purl":"pkg:deb/debian/file@1:5.35-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.35-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2019-8905"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u1eg-wmck-jycb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109227?format=json","vulnerability_id":"VCID-u2mw-9c4n-a3er","summary":"several","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2270.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2270.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2270","reference_id":"","reference_type":"","scores":[{"value":"0.30772","scoring_system":"epss","scoring_elements":"0.96843","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072220","reference_id":"1072220","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1072220"},{"reference_url":"https://security.gentoo.org/glsa/201408-11","reference_id":"GLSA-201408-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-11"},{"reference_url":"https://security.gentoo.org/glsa/201503-08","reference_id":"GLSA-201503-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1012","reference_id":"RHSA-2014:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1606","reference_id":"RHSA-2014:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://usn.ubuntu.com/2162-1/","reference_id":"USN-2162-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2162-1/"},{"reference_url":"https://usn.ubuntu.com/2163-1/","reference_id":"USN-2163-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2163-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40411?format=json","purl":"pkg:deb/debian/file@1:5.17-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.17-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-2270"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u2mw-9c4n-a3er"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109641?format=json","vulnerability_id":"VCID-uqcd-94g8-1khu","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3487.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3487.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3487","reference_id":"","reference_type":"","scores":[{"value":"0.14502","scoring_system":"epss","scoring_elements":"0.94607","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1107544","reference_id":"1107544","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1107544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1013","reference_id":"RHSA-2014:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://usn.ubuntu.com/2276-1/","reference_id":"USN-2276-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2276-1/"},{"reference_url":"https://usn.ubuntu.com/2278-1/","reference_id":"USN-2278-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2278-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-3487"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uqcd-94g8-1khu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201406?format=json","vulnerability_id":"VCID-w4z8-5t6x-ekfx","summary":"Multiple integer overflows in the (1) cdf_read_property_info and (2) cdf_read_sat functions in file before 5.02.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0947.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0947.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0947","reference_id":"","reference_type":"","scores":[{"value":"0.00392","scoring_system":"epss","scoring_elements":"0.60642","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0947"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0947","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0947"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=498682","reference_id":"498682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=498682"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40390?format=json","purl":"pkg:deb/debian/file@5.02-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@5.02-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2009-0947"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w4z8-5t6x-ekfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/109610?format=json","vulnerability_id":"VCID-wmpp-bc11-dfe1","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0238.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0238.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0238","reference_id":"","reference_type":"","scores":[{"value":"0.24474","scoring_system":"epss","scoring_elements":"0.96236","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0237"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2270"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1098155","reference_id":"1098155","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1098155"},{"reference_url":"https://security.gentoo.org/glsa/201408-11","reference_id":"GLSA-201408-11","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201408-11"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1012","reference_id":"RHSA-2014:1012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1013","reference_id":"RHSA-2014:1013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1013"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1606","reference_id":"RHSA-2014:1606","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1606"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1765","reference_id":"RHSA-2014:1765","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1765"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1766","reference_id":"RHSA-2014:1766","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1766"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2155","reference_id":"RHSA-2015:2155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2155"},{"reference_url":"https://usn.ubuntu.com/2254-1/","reference_id":"USN-2254-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2254-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40405?format=json","purl":"pkg:deb/debian/file@1:5.19-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.19-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2014-0238"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wmpp-bc11-dfe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/212782?format=json","vulnerability_id":"VCID-xvny-k4ea-47d4","summary":"The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a \"Python script text executable\" rule.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4604.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-4604.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4604","reference_id":"","reference_type":"","scores":[{"value":"0.09106","scoring_system":"epss","scoring_elements":"0.92849","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-4604"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1213442","reference_id":"1213442","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1213442"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1066","reference_id":"RHSA-2015:1066","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1066"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1135","reference_id":"RHSA-2015:1135","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1135"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1186","reference_id":"RHSA-2015:1186","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1186"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1187","reference_id":"RHSA-2015:1187","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1187"},{"reference_url":"https://usn.ubuntu.com/2658-1/","reference_id":"USN-2658-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2658-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40401?format=json","purl":"pkg:deb/debian/file@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2015-4604"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xvny-k4ea-47d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/124556?format=json","vulnerability_id":"VCID-yphb-h5ym-byby","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000249.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000249.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000249","reference_id":"","reference_type":"","scores":[{"value":"0.00138","scoring_system":"epss","scoring_elements":"0.33661","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000249"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000249","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000249"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488053","reference_id":"1488053","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1488053"},{"reference_url":"https://security.gentoo.org/glsa/201710-02","reference_id":"GLSA-201710-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-02"},{"reference_url":"https://usn.ubuntu.com/3412-1/","reference_id":"USN-3412-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3412-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/40431?format=json","purl":"pkg:deb/debian/file@1:5.32-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.32-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40378?format=json","purl":"pkg:deb/debian/file@1:5.39-3%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40375?format=json","purl":"pkg:deb/debian/file@1:5.44-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.44-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40379?format=json","purl":"pkg:deb/debian/file@1:5.46-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.46-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/40380?format=json","purl":"pkg:deb/debian/file@1:5.47-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.47-4%3Fdistro=trixie"}],"aliases":["CVE-2017-1000249"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yphb-h5ym-byby"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/file@1:5.39-3%252Bdeb11u1%3Fdistro=trixie"}