{"url":"http://public2.vulnerablecode.io/api/packages/71963?format=json","purl":"pkg:ebuild/app-shells/bash@4.2_p37","type":"ebuild","namespace":"app-shells","name":"bash","version":"4.2_p37","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.2_p48","latest_non_vulnerable_version":"5.0_p11-r1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31734?format=json","vulnerability_id":"VCID-m98m-wbj2-zbdk","summary":"Two vulnerabilities have been found in Bash, the worst of which may\n    allow execution of arbitrary code.","references":[{"reference_url":"ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-033","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-033"},{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3410.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3410.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3410","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24209","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24354","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2448","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24514","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24297","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24364","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24409","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24327","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24344","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24334","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24306","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24181","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24168","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24127","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24011","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24092","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24158","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24104","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24124","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3410"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410"},{"reference_url":"http://secunia.com/advisories/51086","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51086"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201210-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201210-05.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/77551","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/77551"},{"reference_url":"https://hermes.opensuse.org/messages/15227834","reference_id":"","reference_type":"","scores":[],"url":"https://hermes.opensuse.org/messages/15227834"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:128","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:128"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/11/11","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/07/11/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/11/22","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/07/11/22"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/12/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/07/12/4"},{"reference_url":"http://www.securityfocus.com/bid/54937","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/54937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278","reference_id":"681278","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=840091","reference_id":"840091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=840091"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3410","reference_id":"CVE-2012-3410","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3410"},{"reference_url":"https://security.gentoo.org/glsa/201210-05","reference_id":"GLSA-201210-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201210-05"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71963?format=json","purl":"pkg:ebuild/app-shells/bash@4.2_p37","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-shells/bash@4.2_p37"}],"aliases":["CVE-2012-3410"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m98m-wbj2-zbdk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31733?format=json","vulnerability_id":"VCID-twyf-cbfd-hka1","summary":"Two vulnerabilities have been found in Bash, the worst of which may\n    allow execution of arbitrary code.","references":[{"reference_url":"http://lists.debian.org/debian-devel/2008/08/msg00347.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.debian.org/debian-devel/2008/08/msg00347.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5374.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-5374.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5374","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17077","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1707","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17244","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17294","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17074","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17165","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17222","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17198","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1715","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17091","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17028","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17033","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17068","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16968","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16951","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16897","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16763","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16879","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16985","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16954","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.1699","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5374"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5374","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5374"},{"reference_url":"http://secunia.com/advisories/43365","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/43365"},{"reference_url":"http://secunia.com/advisories/51086","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51086"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201210-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201210-05.xml"},{"reference_url":"http://uvw.ru/report.sid.txt","reference_id":"","reference_type":"","scores":[],"url":"http://uvw.ru/report.sid.txt"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:004","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2010:004"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-0261.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-0261.html"},{"reference_url":"http://www.redhat.com/support/errata/RHSA-2011-1073.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.redhat.com/support/errata/RHSA-2011-1073.html"},{"reference_url":"http://www.securityfocus.com/bid/32733","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/32733"},{"reference_url":"http://www.vupen.com/english/advisories/2011/0414","reference_id":"","reference_type":"","scores":[],"url":"http://www.vupen.com/english/advisories/2011/0414"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=475474","reference_id":"475474","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=475474"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=509279","reference_id":"509279","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=509279"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:matthias_klose:bash-doc:3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:matthias_klose:bash-doc:3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:matthias_klose:bash-doc:3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2008-5374","reference_id":"CVE-2008-5374","reference_type":"","scores":[{"value":"6.9","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2008-5374"},{"reference_url":"https://security.gentoo.org/glsa/201210-05","reference_id":"GLSA-201210-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201210-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:0261","reference_id":"RHSA-2011:0261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:0261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1073","reference_id":"RHSA-2011:1073","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1073"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71963?format=json","purl":"pkg:ebuild/app-shells/bash@4.2_p37","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-shells/bash@4.2_p37"}],"aliases":["CVE-2008-5374"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-twyf-cbfd-hka1"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-shells/bash@4.2_p37"}