{"url":"http://public2.vulnerablecode.io/api/packages/4344?format=json","purl":"pkg:deb/debian/perl@5.10.0-19lenny5","type":"deb","namespace":"debian","name":"perl","version":"5.10.0-19lenny5","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97831?format=json","vulnerability_id":"VCID-5q5y-jrh7-wqdy","summary":"Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2381.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2381.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2381","reference_id":"","reference_type":"","scores":[{"value":"0.27444","scoring_system":"epss","scoring_elements":"0.96511","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-2381"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309214","reference_id":"1309214","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1309214"},{"reference_url":"https://security.gentoo.org/glsa/201701-75","reference_id":"GLSA-201701-75","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-75"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6206","reference_id":"RHSA-2026:6206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6206"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4346?format=json","purl":"pkg:deb/debian/perl@5.14.2-21%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5q5y-jrh7-wqdy"},{"vulnerability":"VCID-5zk5-gdjt-vkas"},{"vulnerability":"VCID-6sya-vave-ckgn"},{"vulnerability":"VCID-c7bz-v1su-a7c6"},{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-gdan-qp8a-g7hw"},{"vulnerability":"VCID-kkth-5w9j-4fb4"},{"vulnerability":"VCID-ktn9-tw2d-37ex"},{"vulnerability":"VCID-mnar-a4cd-hqey"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.14.2-21%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"}],"aliases":["CVE-2016-2381"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5q5y-jrh7-wqdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97829?format=json","vulnerability_id":"VCID-5zk5-gdjt-vkas","summary":"(1) cpan/Archive-Tar/bin/ptar, (2) cpan/Archive-Tar/bin/ptardiff, (3) cpan/Archive-Tar/bin/ptargrep, (4) cpan/CPAN/scripts/cpan, (5) cpan/Digest-SHA/shasum, (6) cpan/Encode/bin/enc2xs, (7) cpan/Encode/bin/encguess, (8) cpan/Encode/bin/piconv, (9) cpan/Encode/bin/ucmlint, (10) cpan/Encode/bin/unidump, (11) cpan/ExtUtils-MakeMaker/bin/instmodsh, (12) cpan/IO-Compress/bin/zipdetails, (13) cpan/JSON-PP/bin/json_pp, (14) cpan/Test-Harness/bin/prove, (15) dist/ExtUtils-ParseXS/lib/ExtUtils/xsubpp, (16) dist/Module-CoreList/corelist, (17) ext/Pod-Html/bin/pod2html, (18) utils/c2ph.PL, (19) utils/h2ph.PL, (20) utils/h2xs.PL, (21) utils/libnetcfg.PL, (22) utils/perlbug.PL, (23) utils/perldoc.PL, (24) utils/perlivp.PL, and (25) utils/splain.PL in Perl 5.x before 5.22.3-RC2 and 5.24 before 5.24.1-RC2 do not properly remove . (period) characters from the end of the includes directory array, which might allow local users to gain privileges via a Trojan horse module under the current working directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1238.json","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1238.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1238","reference_id":"","reference_type":"","scores":[{"value":"0.00317","scoring_system":"epss","scoring_elements":"0.55083","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"6.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1355695","reference_id":"1355695","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1355695"},{"reference_url":"https://security.gentoo.org/glsa/201701-75","reference_id":"GLSA-201701-75","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-75"},{"reference_url":"https://security.gentoo.org/glsa/201812-07","reference_id":"GLSA-201812-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201812-07"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"}],"aliases":["CVE-2016-1238"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5zk5-gdjt-vkas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97835?format=json","vulnerability_id":"VCID-6sya-vave-ckgn","summary":"Heap-based buffer overflow in the S_regatom function in regcomp.c in Perl 5 before 5.24.3-RC1 and 5.26.x before 5.26.1-RC1 allows remote attackers to cause a denial of service (out-of-bounds write) via a regular expression with a '\\N{}' escape and the case-insensitive modifier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12837.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12837.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12837","reference_id":"","reference_type":"","scores":[{"value":"0.0244","scoring_system":"epss","scoring_elements":"0.85453","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12883"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:P/I:N/A:N"},{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1492091","reference_id":"1492091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1492091"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875596","reference_id":"875596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875596"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6206","reference_id":"RHSA-2026:6206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6206"},{"reference_url":"https://usn.ubuntu.com/3478-1/","reference_id":"USN-3478-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3478-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"}],"aliases":["CVE-2017-12837"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6sya-vave-ckgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97837?format=json","vulnerability_id":"VCID-c7bz-v1su-a7c6","summary":"In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12015.json","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-12015.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12015","reference_id":"","reference_type":"","scores":[{"value":"0.23878","scoring_system":"epss","scoring_elements":"0.96124","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12015"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1588760","reference_id":"1588760","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1588760"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834","reference_id":"900834","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900834"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:2097","reference_id":"RHSA-2019:2097","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:2097"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7604","reference_id":"RHSA-2026:7604","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7604"},{"reference_url":"https://usn.ubuntu.com/3684-1/","reference_id":"USN-3684-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3684-1/"},{"reference_url":"https://usn.ubuntu.com/3684-2/","reference_id":"USN-3684-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3684-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"}],"aliases":["CVE-2018-12015"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c7bz-v1su-a7c6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6400?format=json","vulnerability_id":"VCID-dx7d-j7be-93e7","summary":"information disclosure","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12883.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12883.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12883","reference_id":"","reference_type":"","scores":[{"value":"0.04711","scoring_system":"epss","scoring_elements":"0.8956","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12883"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12837","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12837"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12883","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12883"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:P"},{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1492093","reference_id":"1492093","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1492093"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875597","reference_id":"875597","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875597"},{"reference_url":"https://security.archlinux.org/AVG-500","reference_id":"AVG-500","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6206","reference_id":"RHSA-2026:6206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6206"},{"reference_url":"https://usn.ubuntu.com/3478-1/","reference_id":"USN-3478-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3478-1/"},{"reference_url":"https://usn.ubuntu.com/3478-2/","reference_id":"USN-3478-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3478-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"},{"url":"http://public2.vulnerablecode.io/api/packages/5136?format=json","purl":"pkg:deb/debian/perl@5.24.1-3%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.24.1-3%252Bdeb9u7"},{"url":"http://public2.vulnerablecode.io/api/packages/5759?format=json","purl":"pkg:deb/debian/perl@5.28.1-6%2Bdeb10u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n1jt-6svb-x3e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.28.1-6%252Bdeb10u1"}],"aliases":["CVE-2017-12883"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dx7d-j7be-93e7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97832?format=json","vulnerability_id":"VCID-gdan-qp8a-g7hw","summary":"The XSLoader::load method in XSLoader in Perl does not properly locate .so files when called in a string eval, which might allow local users to execute arbitrary code via a Trojan horse library under the current working directory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6185.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6185.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6185","reference_id":"","reference_type":"","scores":[{"value":"0.00245","scoring_system":"epss","scoring_elements":"0.479","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-6185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6185"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1354386","reference_id":"1354386","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1354386"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829578","reference_id":"829578","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829578"},{"reference_url":"https://security.gentoo.org/glsa/201701-75","reference_id":"GLSA-201701-75","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-75"},{"reference_url":"https://usn.ubuntu.com/3625-1/","reference_id":"USN-3625-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3625-1/"},{"reference_url":"https://usn.ubuntu.com/3625-2/","reference_id":"USN-3625-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3625-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"}],"aliases":["CVE-2016-6185"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gdan-qp8a-g7hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97826?format=json","vulnerability_id":"VCID-kkth-5w9j-4fb4","summary":"The canonpath function in the File::Spec module in PathTools before 3.62, as used in Perl, does not properly preserve the taint attribute of data, which might allow context-dependent attackers to bypass the taint protection mechanism via a crafted string.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8607.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8607.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8607","reference_id":"","reference_type":"","scores":[{"value":"0.05664","scoring_system":"epss","scoring_elements":"0.90537","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-8607"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1293272","reference_id":"1293272","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1293272"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810719","reference_id":"810719","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810719"},{"reference_url":"https://security.gentoo.org/glsa/201701-75","reference_id":"GLSA-201701-75","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-75"},{"reference_url":"https://usn.ubuntu.com/2878-1/","reference_id":"USN-2878-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2878-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"}],"aliases":["CVE-2015-8607"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kkth-5w9j-4fb4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97844?format=json","vulnerability_id":"VCID-ktn9-tw2d-37ex","summary":"Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6913.json","reference_id":"","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-6913.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6913","reference_id":"","reference_type":"","scores":[{"value":"0.03896","scoring_system":"epss","scoring_elements":"0.88483","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-6913"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6913","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6913"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1547772","reference_id":"1547772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1547772"},{"reference_url":"https://security.gentoo.org/glsa/201909-01","reference_id":"GLSA-201909-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:6206","reference_id":"RHSA-2026:6206","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:6206"},{"reference_url":"https://usn.ubuntu.com/3625-1/","reference_id":"USN-3625-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3625-1/"},{"reference_url":"https://usn.ubuntu.com/3625-2/","reference_id":"USN-3625-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3625-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"}],"aliases":["CVE-2018-6913"],"risk_score":1.8,"exploitability":"0.5","weighted_severity":"3.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ktn9-tw2d-37ex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97836?format=json","vulnerability_id":"VCID-mnar-a4cd-hqey","summary":"Race condition in the rmtree and remove_tree functions in the File-Path module before 2.13 for Perl allows attackers to set the mode on arbitrary files via vectors involving directory-permission loosening logic.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6512.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6512.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6512","reference_id":"","reference_type":"","scores":[{"value":"0.01383","scoring_system":"epss","scoring_elements":"0.80643","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-6512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6512"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"1.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:P/A:N"},{"value":"5.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1457832","reference_id":"1457832","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1457832"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863870","reference_id":"863870","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863870"},{"reference_url":"https://security.gentoo.org/glsa/201709-12","reference_id":"GLSA-201709-12","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-12"},{"reference_url":"https://usn.ubuntu.com/3625-1/","reference_id":"USN-3625-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3625-1/"},{"reference_url":"https://usn.ubuntu.com/3625-2/","reference_id":"USN-3625-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3625-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/4348?format=json","purl":"pkg:deb/debian/perl@5.20.2-3%2Bdeb8u11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"},{"vulnerability":"VCID-n95r-bp62-2uhr"},{"vulnerability":"VCID-r24g-mm1f-ckgp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.20.2-3%252Bdeb8u11"}],"aliases":["CVE-2017-6512"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mnar-a4cd-hqey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3332?format=json","vulnerability_id":"VCID-n1jt-6svb-x3e3","summary":"signature forgery","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16156.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-16156.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16156","reference_id":"","reference_type":"","scores":[{"value":"0.0002","scoring_system":"epss","scoring_elements":"0.05559","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-16156"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16156"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015985","reference_id":"1015985","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1015985"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2035273","reference_id":"2035273","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2035273"},{"reference_url":"https://security.archlinux.org/AVG-2630","reference_id":"AVG-2630","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2630"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:8432","reference_id":"RHSA-2025:8432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:8432"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5761?format=json","purl":"pkg:deb/debian/perl@5.36.0-7%2Bdeb12u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-zkfz-2wh8-77cg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.36.0-7%252Bdeb12u3"}],"aliases":["CVE-2020-16156"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n1jt-6svb-x3e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97839?format=json","vulnerability_id":"VCID-n95r-bp62-2uhr","summary":"Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18312.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18312","reference_id":"","reference_type":"","scores":[{"value":"0.10713","scoring_system":"epss","scoring_elements":"0.9346","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18314"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646734","reference_id":"1646734","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646734"},{"reference_url":"https://security.gentoo.org/glsa/201909-01","reference_id":"GLSA-201909-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0001","reference_id":"RHSA-2019:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0010","reference_id":"RHSA-2019:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7604","reference_id":"RHSA-2026:7604","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7604"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5136?format=json","purl":"pkg:deb/debian/perl@5.24.1-3%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.24.1-3%252Bdeb9u7"}],"aliases":["CVE-2018-18312"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n95r-bp62-2uhr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97840?format=json","vulnerability_id":"VCID-r24g-mm1f-ckgp","summary":"Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18313.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18313.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18313","reference_id":"","reference_type":"","scores":[{"value":"0.0461","scoring_system":"epss","scoring_elements":"0.89441","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18314"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646738","reference_id":"1646738","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1646738"},{"reference_url":"https://security.gentoo.org/glsa/201909-01","reference_id":"GLSA-201909-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201909-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0001","reference_id":"RHSA-2019:0001","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:0010","reference_id":"RHSA-2019:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:7604","reference_id":"RHSA-2026:7604","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:7604"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/5136?format=json","purl":"pkg:deb/debian/perl@5.24.1-3%2Bdeb9u7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dx7d-j7be-93e7"},{"vulnerability":"VCID-n1jt-6svb-x3e3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.24.1-3%252Bdeb9u7"}],"aliases":["CVE-2018-18313"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r24g-mm1f-ckgp"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/perl@5.10.0-19lenny5"}