Lookup for vulnerable packages by Package URL.
| Purl | pkg:deb/debian/freeciv@2.2.1-1 |
|---|
| Type | deb |
|---|
| Namespace | debian |
|---|
| Name | freeciv |
|---|
| Version | 2.2.1-1 |
|---|
| Qualifiers |
|
|---|
| Subpath | |
|---|
| Is_vulnerable | true |
|---|
| Next_non_vulnerable_version | 2.4.3-1~bpo70+1 |
|---|
| Latest_non_vulnerable_version | 3.0.6-1+deb12u1 |
|---|
| Affected_by_vulnerabilities |
| 0 |
|
| 1 |
| url |
VCID-mfcv-fggf-cbbw |
| vulnerability_id |
VCID-mfcv-fggf-cbbw |
| summary |
A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-5645 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.06123 |
| scoring_system |
epss |
| scoring_elements |
0.90949 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.06123 |
| scoring_system |
epss |
| scoring_elements |
0.90963 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.06123 |
| scoring_system |
epss |
| scoring_elements |
0.90961 |
| published_at |
2026-06-06T12:55:00Z |
|
| 3 |
| value |
0.06123 |
| scoring_system |
epss |
| scoring_elements |
0.90958 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.06123 |
| scoring_system |
epss |
| scoring_elements |
0.90956 |
| published_at |
2026-06-08T12:55:00Z |
|
| 5 |
| value |
0.06123 |
| scoring_system |
epss |
| scoring_elements |
0.90973 |
| published_at |
2026-06-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-5645 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-5645
|
| risk_score |
0.1 |
| exploitability |
0.5 |
| weighted_severity |
0.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mfcv-fggf-cbbw |
|
|
|---|
| Fixing_vulnerabilities |
| 0 |
| url |
VCID-j3xv-nqx9-v3gz |
| vulnerability_id |
VCID-j3xv-nqx9-v3gz |
| summary |
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2010-2445 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01199 |
| scoring_system |
epss |
| scoring_elements |
0.79228 |
| published_at |
2026-06-04T12:55:00Z |
|
| 1 |
| value |
0.01199 |
| scoring_system |
epss |
| scoring_elements |
0.79254 |
| published_at |
2026-06-05T12:55:00Z |
|
| 2 |
| value |
0.01199 |
| scoring_system |
epss |
| scoring_elements |
0.7926 |
| published_at |
2026-06-09T12:55:00Z |
|
| 3 |
| value |
0.01199 |
| scoring_system |
epss |
| scoring_elements |
0.79253 |
| published_at |
2026-06-07T12:55:00Z |
|
| 4 |
| value |
0.01199 |
| scoring_system |
epss |
| scoring_elements |
0.79241 |
| published_at |
2026-06-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2010-2445 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2010-2445
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j3xv-nqx9-v3gz |
|
|
|---|
| Risk_score | 0.1 |
|---|
| Resource_url | http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeciv@2.2.1-1 |
|---|