{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","type":"deb","namespace":"debian","name":"cvs","version":"2:1.12.13+real-28","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2:1.12.13+real-28+deb12u1","latest_non_vulnerable_version":"2:1.12.13+real-31","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65754?format=json","vulnerability_id":"VCID-1xde-x9a1-2ybn","summary":"Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0844.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-0844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0844","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21484","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21565","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21551","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21504","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21445","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21456","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-0844"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0844","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-0844"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616825","reference_id":"1616825","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616825"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:004","reference_id":"RHSA-2004:004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:004"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92390?format=json","purl":"pkg:deb/debian/cvs@1:1.11.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2002-0844"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1xde-x9a1-2ybn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65777?format=json","vulnerability_id":"VCID-1xmr-9z68-bydp","summary":"CVS 1.12.x, when configured to use SSH for remote repositories, might allow remote attackers to execute arbitrary code via a repository URL with a crafted hostname, as demonstrated by \"-oProxyCommand=id;localhost:/bar.\"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12836.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-12836.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12836","reference_id":"","reference_type":"","scores":[{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85622","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85645","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85646","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85631","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85644","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02504","scoring_system":"epss","scoring_elements":"0.85649","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12836"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12836"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"10","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"},{"value":"5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480800","reference_id":"1480800","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1480800"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810","reference_id":"871810","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810"},{"reference_url":"https://security.gentoo.org/glsa/201709-17","reference_id":"GLSA-201709-17","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-17"},{"reference_url":"https://usn.ubuntu.com/3399-1/","reference_id":"USN-3399-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3399-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92415?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-24?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-24%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2017-12836"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1xmr-9z68-bydp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65761?format=json","vulnerability_id":"VCID-4gue-t1rr-r7dd","summary":"CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed \"Entry\" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0414.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0414.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0414","reference_id":"","reference_type":"","scores":[{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90151","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90167","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90166","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90164","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90162","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05252","scoring_system":"epss","scoring_elements":"0.90178","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0414"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0414"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617197","reference_id":"1617197","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617197"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92403?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0414"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gue-t1rr-r7dd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65759?format=json","vulnerability_id":"VCID-5czk-fp8q-4kfg","summary":"Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0396.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0396.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0396","reference_id":"","reference_type":"","scores":[{"value":"0.86593","scoring_system":"epss","scoring_elements":"0.99436","published_at":"2026-06-04T12:55:00Z"},{"value":"0.86593","scoring_system":"epss","scoring_elements":"0.99437","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0396"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617191","reference_id":"1617191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617191"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/300.c","reference_id":"OSVDB-6305;CVE-2004-0396","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/300.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/301.c","reference_id":"OSVDB-6305;CVE-2004-0396","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/solaris/remote/301.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:190","reference_id":"RHSA-2004:190","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:190"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92399?format=json","purl":"pkg:deb/debian/cvs@1:1.12.5-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0396"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5czk-fp8q-4kfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65756?format=json","vulnerability_id":"VCID-5rg5-1dw7-uqa1","summary":"Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0015.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0015","reference_id":"","reference_type":"","scores":[{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.97244","published_at":"2026-06-04T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.97248","published_at":"2026-06-05T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.97249","published_at":"2026-06-06T12:55:00Z"},{"value":"0.37007","scoring_system":"epss","scoring_elements":"0.97251","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616934","reference_id":"1616934","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616934"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt","reference_id":"CVE-2003-0015;OSVDB-3227","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/22187.txt"},{"reference_url":"https://www.securityfocus.com/bid/6650/info","reference_id":"CVE-2003-0015;OSVDB-3227","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/6650/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:012","reference_id":"RHSA-2003:012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:013","reference_id":"RHSA-2003:013","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:013"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92394?format=json","purl":"pkg:deb/debian/cvs@1.11.2-5.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1.11.2-5.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2003-0015"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5rg5-1dw7-uqa1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65763?format=json","vulnerability_id":"VCID-e97p-5tae-77gt","summary":"Integer overflow in the \"Max-dotdot\" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consume disk space.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0417.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0417.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0417","reference_id":"","reference_type":"","scores":[{"value":"0.04491","scoring_system":"epss","scoring_elements":"0.89306","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04491","scoring_system":"epss","scoring_elements":"0.89325","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04491","scoring_system":"epss","scoring_elements":"0.89326","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04491","scoring_system":"epss","scoring_elements":"0.89342","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0417"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0417"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617201","reference_id":"1617201","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617201"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92403?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0417"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e97p-5tae-77gt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65760?format=json","vulnerability_id":"VCID-eng9-n3pf-6uc3","summary":"CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0405.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0405.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0405","reference_id":"","reference_type":"","scores":[{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80812","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80839","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80841","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80838","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80835","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01406","scoring_system":"epss","scoring_elements":"0.80854","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0405"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617194","reference_id":"1617194","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617194"},{"reference_url":"https://security.gentoo.org/glsa/200404-13","reference_id":"GLSA-200404-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200404-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:153","reference_id":"RHSA-2004:153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:154","reference_id":"RHSA-2004:154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92397?format=json","purl":"pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0405"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eng9-n3pf-6uc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65757?format=json","vulnerability_id":"VCID-gqwy-ukgb-cbbm","summary":"CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0977.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0977","reference_id":"","reference_type":"","scores":[{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.8358","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83604","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83605","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83601","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83593","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01901","scoring_system":"epss","scoring_elements":"0.83607","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0977"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617113","reference_id":"1617113","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:003","reference_id":"RHSA-2004:003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:004","reference_id":"RHSA-2004:004","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:004"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92395?format=json","purl":"pkg:deb/debian/cvs@1:1.11.10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2003-0977"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gqwy-ukgb-cbbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65768?format=json","vulnerability_id":"VCID-gxnp-1ny3-cqg9","summary":"CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1343","reference_id":"","reference_type":"","scores":[{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71374","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71418","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71425","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71402","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.71386","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00655","scoring_system":"epss","scoring_elements":"0.7141","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1343"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92410?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-1343"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gxnp-1ny3-cqg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65764?format=json","vulnerability_id":"VCID-jnkn-e4pk-mudq","summary":"serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an \"out-of-bounds\" write for a single byte to execute arbitrary code or modify critical program data.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0418.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0418.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0418","reference_id":"","reference_type":"","scores":[{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94526","published_at":"2026-06-04T12:55:00Z"},{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94535","published_at":"2026-06-05T12:55:00Z"},{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94536","published_at":"2026-06-06T12:55:00Z"},{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94538","published_at":"2026-06-07T12:55:00Z"},{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94539","published_at":"2026-06-08T12:55:00Z"},{"value":"0.14279","scoring_system":"epss","scoring_elements":"0.94544","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0418"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0418"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617202","reference_id":"1617202","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92403?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0418"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jnkn-e4pk-mudq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65758?format=json","vulnerability_id":"VCID-khw1-bme9-mfg4","summary":"The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0180.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0180","reference_id":"","reference_type":"","scores":[{"value":"0.04165","scoring_system":"epss","scoring_elements":"0.88877","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04165","scoring_system":"epss","scoring_elements":"0.88895","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04165","scoring_system":"epss","scoring_elements":"0.88894","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04165","scoring_system":"epss","scoring_elements":"0.88911","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0180"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617171","reference_id":"1617171","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617171"},{"reference_url":"https://security.gentoo.org/glsa/200404-13","reference_id":"GLSA-200404-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200404-13"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:153","reference_id":"RHSA-2004:153","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:153"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:154","reference_id":"RHSA-2004:154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:154"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92397?format=json","purl":"pkg:deb/debian/cvs@1:1.12.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0180"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-khw1-bme9-mfg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65762?format=json","vulnerability_id":"VCID-mfx5-bj42-f7a2","summary":"Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0416.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0416.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0416","reference_id":"","reference_type":"","scores":[{"value":"0.40607","scoring_system":"epss","scoring_elements":"0.97438","published_at":"2026-06-04T12:55:00Z"},{"value":"0.40607","scoring_system":"epss","scoring_elements":"0.97444","published_at":"2026-06-07T12:55:00Z"},{"value":"0.40607","scoring_system":"epss","scoring_elements":"0.97446","published_at":"2026-06-08T12:55:00Z"},{"value":"0.40607","scoring_system":"epss","scoring_elements":"0.97447","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0416"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0416"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617200","reference_id":"1617200","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617200"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/392.c","reference_id":"OSVDB-6831;CVE-2004-0416","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/392.c"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92403?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0416"],"risk_score":0.8,"exploitability":"2.0","weighted_severity":"0.4","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mfx5-bj42-f7a2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65772?format=json","vulnerability_id":"VCID-mt68-jp4w-6qa9","summary":"Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an RCS file containing crafted delta fragment changes that trigger a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3846.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3846.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3846","reference_id":"","reference_type":"","scores":[{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31826","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31898","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31866","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31827","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31794","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00129","scoring_system":"epss","scoring_elements":"0.31818","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3846"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=642146","reference_id":"642146","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=642146"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0918","reference_id":"RHSA-2010:0918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0918"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92413?format=json","purl":"pkg:deb/debian/cvs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2010-3846"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mt68-jp4w-6qa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65765?format=json","vulnerability_id":"VCID-ng41-6mc7-63hw","summary":"CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0778.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0778.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0778","reference_id":"","reference_type":"","scores":[{"value":"0.04063","scoring_system":"epss","scoring_elements":"0.88736","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04063","scoring_system":"epss","scoring_elements":"0.88753","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04063","scoring_system":"epss","scoring_elements":"0.88755","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04063","scoring_system":"epss","scoring_elements":"0.8877","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-0778"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0778","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0778"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617282","reference_id":"1617282","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617282"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:233","reference_id":"RHSA-2004:233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:233"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92409?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-0778"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ng41-6mc7-63hw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65774?format=json","vulnerability_id":"VCID-qnbz-a5q5-67ag","summary":"Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0804.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0804.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0804","reference_id":"","reference_type":"","scores":[{"value":"0.02507","scoring_system":"epss","scoring_elements":"0.85649","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02507","scoring_system":"epss","scoring_elements":"0.85634","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02507","scoring_system":"epss","scoring_elements":"0.85648","published_at":"2026-06-09T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90573","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05699","scoring_system":"epss","scoring_elements":"0.90587","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0804"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0804"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=784141","reference_id":"784141","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=784141"},{"reference_url":"https://security.gentoo.org/glsa/201701-44","reference_id":"GLSA-201701-44","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-44"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:0321","reference_id":"RHSA-2012:0321","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:0321"},{"reference_url":"https://usn.ubuntu.com/1371-1/","reference_id":"USN-1371-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1371-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92414?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2012-0804"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qnbz-a5q5-67ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65769?format=json","vulnerability_id":"VCID-rs55-2u3q-17fv","summary":"Format string vulnerability in wrapper.c in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in a wrapper line.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1471","reference_id":"","reference_type":"","scores":[{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.90808","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.90822","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.90823","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.9082","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.90819","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05947","scoring_system":"epss","scoring_elements":"0.90834","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1471"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1471","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1471"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24182.c","reference_id":"CVE-2004-1471;OSVDB-15727","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/24182.c"},{"reference_url":"https://www.securityfocus.com/bid/10499/info","reference_id":"CVE-2004-1471;OSVDB-15727","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/10499/info"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92409?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-1471"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rs55-2u3q-17fv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65771?format=json","vulnerability_id":"VCID-trub-smqc-tuah","summary":"cvsbug in CVS 1.12.12 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files and execute arbitrary code via a symlink attack.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2693.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2693.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2693","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22509","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22593","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2258","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22532","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22483","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22488","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2693"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617740","reference_id":"1617740","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617740"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325106","reference_id":"325106","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=325106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:756","reference_id":"RHSA-2005:756","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:756"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92412?format=json","purl":"pkg:deb/debian/cvs@1:1.11.5-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.11.5-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2005-2693"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-trub-smqc-tuah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65767?format=json","vulnerability_id":"VCID-v46u-vsfv-a7e5","summary":"CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1342","reference_id":"","reference_type":"","scores":[{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56627","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56679","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56685","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56673","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56659","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00335","scoring_system":"epss","scoring_elements":"0.56677","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92410?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2004-1342"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v46u-vsfv-a7e5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/65770?format=json","vulnerability_id":"VCID-xgz1-6hb1-vbbq","summary":"Buffer overflow in CVS before 1.11.20 allows remote attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0753.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-0753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0753","reference_id":"","reference_type":"","scores":[{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90242","published_at":"2026-06-04T12:55:00Z"},{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90258","published_at":"2026-06-05T12:55:00Z"},{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90256","published_at":"2026-06-06T12:55:00Z"},{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90254","published_at":"2026-06-07T12:55:00Z"},{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90253","published_at":"2026-06-08T12:55:00Z"},{"value":"0.05354","scoring_system":"epss","scoring_elements":"0.90269","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0753"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617569","reference_id":"1617569","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:387","reference_id":"RHSA-2005:387","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:387"},{"reference_url":"https://usn.ubuntu.com/117-1/","reference_id":"USN-117-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/117-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/92411?format=json","purl":"pkg:deb/debian/cvs@1:1.12.9-13?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@1:1.12.9-13%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92391?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92389?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-28%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92393?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-30?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-30%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/92392?format=json","purl":"pkg:deb/debian/cvs@2:1.12.13%2Breal-31?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-31%3Fdistro=trixie"}],"aliases":["CVE-2005-0753"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xgz1-6hb1-vbbq"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/cvs@2:1.12.13%252Breal-28%3Fdistro=trixie"}