{"url":"http://public2.vulnerablecode.io/api/packages/557492?format=json","purl":"pkg:deb/debian/chkrootkit@0.50-3","type":"deb","namespace":"debian","name":"chkrootkit","version":"0.50-3","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/62501?format=json","vulnerability_id":"VCID-n8bf-zdug-fuh5","summary":"The slapper function in chkrootkit before 0.50 does not properly quote file paths, which allows local users to execute arbitrary code via a Trojan horse executable.  NOTE: this is only a vulnerability when /tmp is not mounted with the noexec option.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0476","reference_id":"","reference_type":"","scores":[{"value":"0.11441","scoring_system":"epss","scoring_elements":"0.9373","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11441","scoring_system":"epss","scoring_elements":"0.9374","published_at":"2026-06-05T12:55:00Z"},{"value":"0.11441","scoring_system":"epss","scoring_elements":"0.93739","published_at":"2026-06-07T12:55:00Z"},{"value":"0.11441","scoring_system":"epss","scoring_elements":"0.93738","published_at":"2026-06-08T12:55:00Z"},{"value":"0.11441","scoring_system":"epss","scoring_elements":"0.93745","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0476"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0476"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/33899.txt","reference_id":"CVE-2014-0476;OSVDB-107710","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/33899.txt"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38775.rb","reference_id":"CVE-2014-0476;OSVDB-107710","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38775.rb"},{"reference_url":"https://security.gentoo.org/glsa/201709-05","reference_id":"GLSA-201709-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-05"},{"reference_url":"https://usn.ubuntu.com/2230-1/","reference_id":"USN-2230-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2230-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/235061?format=json","purl":"pkg:deb/debian/chkrootkit@0.49-4.1%2Bdeb7u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-n8bf-zdug-fuh5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/chkrootkit@0.49-4.1%252Bdeb7u2"},{"url":"http://public2.vulnerablecode.io/api/packages/557492?format=json","purl":"pkg:deb/debian/chkrootkit@0.50-3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/chkrootkit@0.50-3"}],"aliases":["CVE-2014-0476"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n8bf-zdug-fuh5"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/chkrootkit@0.50-3"}