{"url":"http://public2.vulnerablecode.io/api/packages/4126?format=json","purl":"pkg:deb/debian/a2ps@4.13-2","type":"deb","namespace":"debian","name":"a2ps","version":"4.13-2","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1:4.14-1.3","latest_non_vulnerable_version":"1:4.14-1.3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5929?format=json","vulnerability_id":"VCID-4vcs-n77f-j7fe","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0466.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0466.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0466","reference_id":"","reference_type":"","scores":[{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57155","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57095","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57147","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57146","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57143","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00342","scoring_system":"epss","scoring_elements":"0.57128","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0466"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0466"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082410","reference_id":"1082410","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1082410"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742902","reference_id":"742902","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742902"},{"reference_url":"https://security.archlinux.org/ASA-202005-4","reference_id":"ASA-202005-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202005-4"},{"reference_url":"https://security.archlinux.org/AVG-1150","reference_id":"AVG-1150","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1150"},{"reference_url":"https://security.gentoo.org/glsa/201701-67","reference_id":"GLSA-201701-67","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-67"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4132?format=json","purl":"pkg:deb/debian/a2ps@1:4.14-1.1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4vcs-n77f-j7fe"},{"vulnerability":"VCID-gx71-6ps1-uqaf"},{"vulnerability":"VCID-sm34-22c1-1ufa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.14-1.1%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/5967?format=json","purl":"pkg:deb/debian/a2ps@1:4.14-1.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.14-1.3"}],"aliases":["CVE-2014-0466"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4vcs-n77f-j7fe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5928?format=json","vulnerability_id":"VCID-gx71-6ps1-uqaf","summary":"multiple issues","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8107.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8107.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8107","reference_id":"","reference_type":"","scores":[{"value":"0.01778","scoring_system":"epss","scoring_elements":"0.83061","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01778","scoring_system":"epss","scoring_elements":"0.83034","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01778","scoring_system":"epss","scoring_elements":"0.8305","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01778","scoring_system":"epss","scoring_elements":"0.83062","published_at":"2026-06-09T12:55:00Z"},{"value":"0.01778","scoring_system":"epss","scoring_elements":"0.83058","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8107"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8107","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8107"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:S/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1283156","reference_id":"1283156","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1283156"},{"reference_url":"https://security.archlinux.org/ASA-202005-4","reference_id":"ASA-202005-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202005-4"},{"reference_url":"https://security.archlinux.org/AVG-1150","reference_id":"AVG-1150","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1150"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5967?format=json","purl":"pkg:deb/debian/a2ps@1:4.14-1.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.14-1.3"}],"aliases":["CVE-2015-8107"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gx71-6ps1-uqaf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58434?format=json","vulnerability_id":"VCID-sm34-22c1-1ufa","summary":"The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2001-1593.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2001-1593.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2001-1593","reference_id":"","reference_type":"","scores":[{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18549","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18626","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18629","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.1859","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18509","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18526","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2001-1593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1593","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2001-1593"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0466","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0466"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1060630","reference_id":"1060630","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1060630"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737385","reference_id":"737385","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737385"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4132?format=json","purl":"pkg:deb/debian/a2ps@1:4.14-1.1%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4vcs-n77f-j7fe"},{"vulnerability":"VCID-gx71-6ps1-uqaf"},{"vulnerability":"VCID-sm34-22c1-1ufa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.14-1.1%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/5967?format=json","purl":"pkg:deb/debian/a2ps@1:4.14-1.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.14-1.3"}],"aliases":["CVE-2001-1593"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sm34-22c1-1ufa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58436?format=json","vulnerability_id":"VCID-tsme-pcg7-jub7","summary":"The (1) fixps (aka fixps.in) and (2) psmandup (aka psmandup.in) scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1377.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1377.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1377","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22081","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22165","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22152","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22103","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22047","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22058","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1377"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286387","reference_id":"286387","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286387"},{"reference_url":"https://security.gentoo.org/glsa/200501-02","reference_id":"GLSA-200501-02","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200501-02"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4128?format=json","purl":"pkg:deb/debian/a2ps@1:4.13b-4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4vcs-n77f-j7fe"},{"vulnerability":"VCID-gx71-6ps1-uqaf"},{"vulnerability":"VCID-sm34-22c1-1ufa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.13b-4.3"}],"aliases":["CVE-2004-1377"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tsme-pcg7-jub7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/58435?format=json","vulnerability_id":"VCID-xu11-ktje-p7fx","summary":"a2ps 4.13 allows remote attackers to execute arbitrary commands via shell metacharacters in the filename.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1170.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-1170.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1170","reference_id":"","reference_type":"","scores":[{"value":"0.15592","scoring_system":"epss","scoring_elements":"0.94816","published_at":"2026-06-04T12:55:00Z"},{"value":"0.15592","scoring_system":"epss","scoring_elements":"0.94825","published_at":"2026-06-06T12:55:00Z"},{"value":"0.15592","scoring_system":"epss","scoring_elements":"0.94827","published_at":"2026-06-08T12:55:00Z"},{"value":"0.15592","scoring_system":"epss","scoring_elements":"0.94832","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1170"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1170","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1170"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=283134","reference_id":"283134","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=283134"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24406.txt","reference_id":"CVE-2004-1170;OSVDB-9176","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24406.txt"},{"reference_url":"https://www.securityfocus.com/bid/11025/info","reference_id":"CVE-2004-1170;OSVDB-9176","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/11025/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4128?format=json","purl":"pkg:deb/debian/a2ps@1:4.13b-4.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4vcs-n77f-j7fe"},{"vulnerability":"VCID-gx71-6ps1-uqaf"},{"vulnerability":"VCID-sm34-22c1-1ufa"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@1:4.13b-4.3"}],"aliases":["CVE-2004-1170"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xu11-ktje-p7fx"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/a2ps@4.13-2"}