{"url":"http://public2.vulnerablecode.io/api/packages/45783?format=json","purl":"pkg:deb/debian/icecast2@2.5.0-2?distro=trixie","type":"deb","namespace":"debian","name":"icecast2","version":"2.5.0-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178063?format=json","vulnerability_id":"VCID-5fq5-24qt-g3hj","summary":"Two vulnerabilities have been found in Icecast, possibly resulting\n    in privilege escalation or disclosure of information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9018","reference_id":"","reference_type":"","scores":[{"value":"0.00807","scoring_system":"epss","scoring_elements":"0.7461","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00807","scoring_system":"epss","scoring_elements":"0.74681","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9018"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9018","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9018"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770222","reference_id":"770222","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770222"},{"reference_url":"https://security.gentoo.org/glsa/201412-38","reference_id":"GLSA-201412-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-38"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45787?format=json","purl":"pkg:deb/debian/icecast2@2.4.0-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.0-1.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45781?format=json","purl":"pkg:deb/debian/icecast2@2.4.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45783?format=json","purl":"pkg:deb/debian/icecast2@2.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.5.0-2%3Fdistro=trixie"}],"aliases":["CVE-2014-9018"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5fq5-24qt-g3hj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/384?format=json","vulnerability_id":"VCID-at2m-6gce-5faz","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3026","reference_id":"","reference_type":"","scores":[{"value":"0.1532","scoring_system":"epss","scoring_elements":"0.94785","published_at":"2026-06-11T12:55:00Z"},{"value":"0.1532","scoring_system":"epss","scoring_elements":"0.94803","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3026"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3026","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3026"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782120","reference_id":"782120","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782120"},{"reference_url":"https://security.gentoo.org/glsa/201508-03","reference_id":"GLSA-201508-03","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201508-03"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45789?format=json","purl":"pkg:deb/debian/icecast2@2.4.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45781?format=json","purl":"pkg:deb/debian/icecast2@2.4.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45783?format=json","purl":"pkg:deb/debian/icecast2@2.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.5.0-2%3Fdistro=trixie"}],"aliases":["CVE-2015-3026"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-at2m-6gce-5faz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202121?format=json","vulnerability_id":"VCID-bczj-uvww-vygk","summary":"icecast before 2.3.3 allows remote attackers to inject control characters such as newlines into the error loc (error.log) via a crafted URL.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4612","reference_id":"","reference_type":"","scores":[{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59504","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00374","scoring_system":"epss","scoring_elements":"0.59614","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4612"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4612","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4612"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652663","reference_id":"652663","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652663"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45786?format=json","purl":"pkg:deb/debian/icecast2@2.3.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.3.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45781?format=json","purl":"pkg:deb/debian/icecast2@2.4.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45783?format=json","purl":"pkg:deb/debian/icecast2@2.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.5.0-2%3Fdistro=trixie"}],"aliases":["CVE-2011-4612"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bczj-uvww-vygk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199858?format=json","vulnerability_id":"VCID-eyg1-nz1s-g3fj","summary":"Buffer overflow in Icecast 2.0.1 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a large number of headers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1561","reference_id":"","reference_type":"","scores":[{"value":"0.81875","scoring_system":"epss","scoring_elements":"0.99221","published_at":"2026-06-11T12:55:00Z"},{"value":"0.81875","scoring_system":"epss","scoring_elements":"0.99224","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1561"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1561","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1561"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/16763.rb","reference_id":"CVE-2004-1561;OSVDB-10406","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows_x86/remote/16763.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/568.c","reference_id":"OSVDB-10406;CVE-2004-1561","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/568.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/573.c","reference_id":"OSVDB-10406;CVE-2004-1561","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/573.c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45782?format=json","purl":"pkg:deb/debian/icecast2@2.0.2.debian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.0.2.debian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45781?format=json","purl":"pkg:deb/debian/icecast2@2.4.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45783?format=json","purl":"pkg:deb/debian/icecast2@2.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.5.0-2%3Fdistro=trixie"}],"aliases":["CVE-2004-1561"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eyg1-nz1s-g3fj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/180689?format=json","vulnerability_id":"VCID-pz2b-13fq-b3ev","summary":"Icecast is vulnerable to a denial of service attack allowing remote users\n    to crash the application.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2027","reference_id":"","reference_type":"","scores":[{"value":"0.01632","scoring_system":"epss","scoring_elements":"0.82319","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01632","scoring_system":"epss","scoring_elements":"0.82381","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-2027"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2027","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2027"},{"reference_url":"https://security.gentoo.org/glsa/200405-10","reference_id":"GLSA-200405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200405-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45784?format=json","purl":"pkg:deb/debian/icecast2@2.0.1.debian-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.0.1.debian-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45781?format=json","purl":"pkg:deb/debian/icecast2@2.4.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45783?format=json","purl":"pkg:deb/debian/icecast2@2.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.5.0-2%3Fdistro=trixie"}],"aliases":["CVE-2004-2027"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pz2b-13fq-b3ev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/175512?format=json","vulnerability_id":"VCID-qkpf-bp5h-j7dt","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18820","reference_id":"","reference_type":"","scores":[{"value":"0.62719","scoring_system":"epss","scoring_elements":"0.98405","published_at":"2026-06-11T12:55:00Z"},{"value":"0.62719","scoring_system":"epss","scoring_elements":"0.98411","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-18820"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18820","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18820"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912611","reference_id":"912611","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912611"},{"reference_url":"https://security.gentoo.org/glsa/201811-09","reference_id":"GLSA-201811-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201811-09"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45790?format=json","purl":"pkg:deb/debian/icecast2@2.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45781?format=json","purl":"pkg:deb/debian/icecast2@2.4.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45783?format=json","purl":"pkg:deb/debian/icecast2@2.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.5.0-2%3Fdistro=trixie"}],"aliases":["CVE-2018-18820"],"risk_score":0.3,"exploitability":"0.5","weighted_severity":"0.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qkpf-bp5h-j7dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178064?format=json","vulnerability_id":"VCID-yx96-g54u-tua5","summary":"Two vulnerabilities have been found in Icecast, possibly resulting\n    in privilege escalation or disclosure of information.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9091","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19517","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19691","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9091"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9091","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9091"},{"reference_url":"https://security.gentoo.org/glsa/201412-38","reference_id":"GLSA-201412-38","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-38"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/45788?format=json","purl":"pkg:deb/debian/icecast2@2.4.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45781?format=json","purl":"pkg:deb/debian/icecast2@2.4.4-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.4.4-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/45783?format=json","purl":"pkg:deb/debian/icecast2@2.5.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.5.0-2%3Fdistro=trixie"}],"aliases":["CVE-2014-9091"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yx96-g54u-tua5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/icecast2@2.5.0-2%3Fdistro=trixie"}