{"url":"http://public2.vulnerablecode.io/api/packages/44738?format=json","purl":"pkg:deb/debian/gummi@0.8.3%2Breally0.8.3-6?distro=trixie","type":"deb","namespace":"debian","name":"gummi","version":"0.8.3+really0.8.3-6","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204074?format=json","vulnerability_id":"VCID-6ftd-2ax3-jqfp","summary":"Gummi 0.6.5 allows local users to write to arbitrary files via a symlink attack on a temporary dot file that uses the name of an existing file and a (1) .aux, (2) .log, (3) .out, (4) .pdf, or (5) .toc extension for the file name, as demonstrated by .thesis.tex.aux.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7758","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15191","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-7758"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7758","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7758"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432","reference_id":"756432","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756432"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/44736?format=json","purl":"pkg:deb/debian/gummi@0.6.5-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gummi@0.6.5-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/44737?format=json","purl":"pkg:deb/debian/gummi@0.8.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gummi@0.8.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/44735?format=json","purl":"pkg:deb/debian/gummi@0.8.3%2Breally0.8.1-0.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gummi@0.8.3%252Breally0.8.1-0.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/44739?format=json","purl":"pkg:deb/debian/gummi@0.8.3%2Breally0.8.3-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gummi@0.8.3%252Breally0.8.3-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/44738?format=json","purl":"pkg:deb/debian/gummi@0.8.3%2Breally0.8.3-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gummi@0.8.3%252Breally0.8.3-6%3Fdistro=trixie"}],"aliases":["CVE-2015-7758"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6ftd-2ax3-jqfp"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gummi@0.8.3%252Breally0.8.3-6%3Fdistro=trixie"}