Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie

Type deb

Namespace debian

Name libvorbisidec

Version 1.0.2+svn18153-0.1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.2.1+git20180316-1

Latest_non_vulnerable_version 1.2.1+git20180316-8

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-12w2-ffkf-7bfv

vulnerability_id VCID-12w2-ffkf-7bfv

summary vorbis: insufficient validation of Huffman tree causing memory corruption in _make_decode_tree()

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2009.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2009.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-2009

reference_id

reference_type

scores

value	0.0434
scoring_system	epss
scoring_elements	0.88877
published_at	2026-04-01T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88885
published_at	2026-04-02T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.889
published_at	2026-04-04T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88903
published_at	2026-04-07T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88921
published_at	2026-04-08T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88927
published_at	2026-04-09T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88938
published_at	2026-04-11T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88933
published_at	2026-04-12T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88932
published_at	2026-04-13T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88946
published_at	2026-04-16T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88944
published_at	2026-04-18T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.8894
published_at	2026-04-21T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88957
published_at	2026-04-24T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88965
published_at	2026-04-26T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88966
published_at	2026-04-29T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88973
published_at	2026-05-05T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88988
published_at	2026-05-07T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88998
published_at	2026-05-09T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.88992
published_at	2026-05-11T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.89002
published_at	2026-05-12T12:55:00Z

value	0.0434
scoring_system	epss
scoring_elements	0.89021
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-2009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2009

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=444443
reference_id	444443
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=444443

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482039
reference_id	482039
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482039

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://access.redhat.com/errata/RHSA-2008:0271
reference_id	RHSA-2008:0271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0271

reference_url	https://usn.ubuntu.com/861-1/
reference_id	USN-861-1
reference_type
scores
url	https://usn.ubuntu.com/861-1/

fixed_packages

url	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-0.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-7%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-8%3Fdistro=trixie

aliases CVE-2008-2009

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-12w2-ffkf-7bfv

url VCID-55cd-r9yc-nfan

vulnerability_id VCID-55cd-r9yc-nfan

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3379.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3379.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2009-3379

reference_id

reference_type

scores

value	0.04866
scoring_system	epss
scoring_elements	0.89649
published_at	2026-05-14T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89515
published_at	2026-04-01T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89519
published_at	2026-04-02T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89532
published_at	2026-04-07T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89548
published_at	2026-04-08T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89553
published_at	2026-04-09T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.8956
published_at	2026-04-11T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89559
published_at	2026-04-12T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89554
published_at	2026-04-13T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89567
published_at	2026-04-16T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89569
published_at	2026-04-18T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89565
published_at	2026-04-21T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.8958
published_at	2026-04-24T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89584
published_at	2026-04-29T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89592
published_at	2026-05-05T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89611
published_at	2026-05-07T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89623
published_at	2026-05-09T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.8962
published_at	2026-05-11T12:55:00Z

value	0.04866
scoring_system	epss
scoring_elements	0.89629
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2009-3379

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=531765
reference_id	531765
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=531765

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379
reference_id	CVE-2009-3379
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3379

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-63

reference_id

mfsa2009-63

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2009-63

reference_url	https://access.redhat.com/errata/RHSA-2009:1561
reference_id	RHSA-2009:1561
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2009:1561

reference_url	https://usn.ubuntu.com/861-1/
reference_id	USN-861-1
reference_type
scores
url	https://usn.ubuntu.com/861-1/

fixed_packages

url	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-0.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-7%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-8%3Fdistro=trixie

aliases CVE-2009-3379

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-55cd-r9yc-nfan

url VCID-c3vm-d9f5-2kcj

vulnerability_id VCID-c3vm-d9f5-2kcj

summary

Multiple vulnerabilities in libvorbis might lead to the execution of
    arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1419.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1419.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1419

reference_id

reference_type

scores

value	0.13143
scoring_system	epss
scoring_elements	0.94079
published_at	2026-04-01T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94089
published_at	2026-04-02T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94099
published_at	2026-04-04T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94103
published_at	2026-04-07T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94112
published_at	2026-04-08T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94116
published_at	2026-04-09T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94121
published_at	2026-04-13T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94137
published_at	2026-04-16T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94142
published_at	2026-04-21T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94145
published_at	2026-04-29T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.9415
published_at	2026-05-05T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94161
published_at	2026-05-07T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94173
published_at	2026-05-09T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94178
published_at	2026-05-11T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94182
published_at	2026-05-12T12:55:00Z

value	0.13143
scoring_system	epss
scoring_elements	0.94196
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1419

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=440700
reference_id	440700
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=440700

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518
reference_id	482518
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://security.gentoo.org/glsa/200806-09
reference_id	GLSA-200806-09
reference_type
scores
url	https://security.gentoo.org/glsa/200806-09

reference_url	https://access.redhat.com/errata/RHSA-2008:0270
reference_id	RHSA-2008:0270
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0270

reference_url	https://access.redhat.com/errata/RHSA-2008:0271
reference_id	RHSA-2008:0271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0271

reference_url	https://usn.ubuntu.com/682-1/
reference_id	USN-682-1
reference_type
scores
url	https://usn.ubuntu.com/682-1/

fixed_packages

url	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-0.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-7%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-8%3Fdistro=trixie

aliases CVE-2008-1419

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c3vm-d9f5-2kcj

url VCID-gajm-zb2s-ukgz

vulnerability_id VCID-gajm-zb2s-ukgz

summary

Multiple vulnerabilities have been found in Mozilla Firefox,
    Thunderbird, SeaMonkey, NSS, GNU IceCat, and XULRunner, some of which may
    allow execution of arbitrary code or local privilege escalation.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0444.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-0444.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2012-0444

reference_id

reference_type

scores

value	0.08566
scoring_system	epss
scoring_elements	0.9248
published_at	2026-05-14T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92368
published_at	2026-04-01T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92375
published_at	2026-04-02T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92382
published_at	2026-04-04T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92386
published_at	2026-04-07T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92398
published_at	2026-04-08T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92402
published_at	2026-04-09T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92408
published_at	2026-04-11T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92411
published_at	2026-04-12T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92409
published_at	2026-04-13T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.9242
published_at	2026-04-16T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92419
published_at	2026-04-29T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92421
published_at	2026-04-21T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92425
published_at	2026-04-26T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.9243
published_at	2026-05-05T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.9244
published_at	2026-05-07T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92449
published_at	2026-05-09T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92453
published_at	2026-05-11T12:55:00Z

value	0.08566
scoring_system	epss
scoring_elements	0.92459
published_at	2026-05-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2012-0444

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664197
reference_id	664197
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=664197

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=786026
reference_id	786026
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=786026

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444
reference_id	CVE-2012-0444
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0444

reference_url	https://security.gentoo.org/glsa/201301-01
reference_id	GLSA-201301-01
reference_type
scores
url	https://security.gentoo.org/glsa/201301-01

reference_url

https://www.mozilla.org/en-US/security/advisories/mfsa2012-07

reference_id

mfsa2012-07

reference_type

scores

value	critical
scoring_system	generic_textual
scoring_elements

url

https://www.mozilla.org/en-US/security/advisories/mfsa2012-07

reference_url	https://access.redhat.com/errata/RHSA-2012:0079
reference_id	RHSA-2012:0079
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0079

reference_url	https://access.redhat.com/errata/RHSA-2012:0136
reference_id	RHSA-2012:0136
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2012:0136

reference_url	https://usn.ubuntu.com/1350-1/
reference_id	USN-1350-1
reference_type
scores
url	https://usn.ubuntu.com/1350-1/

reference_url	https://usn.ubuntu.com/1353-1/
reference_id	USN-1353-1
reference_type
scores
url	https://usn.ubuntu.com/1353-1/

reference_url	https://usn.ubuntu.com/1355-1/
reference_id	USN-1355-1
reference_type
scores
url	https://usn.ubuntu.com/1355-1/

reference_url	https://usn.ubuntu.com/1369-1/
reference_id	USN-1369-1
reference_type
scores
url	https://usn.ubuntu.com/1369-1/

reference_url	https://usn.ubuntu.com/1370-1/
reference_id	USN-1370-1
reference_type
scores
url	https://usn.ubuntu.com/1370-1/

fixed_packages

url	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-0.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-7%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-8%3Fdistro=trixie

aliases CVE-2012-0444

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gajm-zb2s-ukgz

url VCID-mddv-hvgp-u3aa

vulnerability_id VCID-mddv-hvgp-u3aa

summary

Multiple vulnerabilities in libvorbis might lead to the execution of
    arbitrary code.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1423.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1423.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-1423

reference_id

reference_type

scores

value	0.10744
scoring_system	epss
scoring_elements	0.93303
published_at	2026-04-01T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93312
published_at	2026-04-02T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93317
published_at	2026-04-04T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93316
published_at	2026-04-07T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93324
published_at	2026-04-08T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93329
published_at	2026-04-09T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93333
published_at	2026-04-13T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93332
published_at	2026-04-12T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.9335
published_at	2026-04-16T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93355
published_at	2026-04-18T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93362
published_at	2026-04-21T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93367
published_at	2026-04-24T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93363
published_at	2026-04-26T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.9336
published_at	2026-04-29T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93368
published_at	2026-05-05T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93381
published_at	2026-05-07T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93391
published_at	2026-05-11T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93397
published_at	2026-05-12T12:55:00Z

value	0.10744
scoring_system	epss
scoring_elements	0.93412
published_at	2026-05-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-1423

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=440709
reference_id	440709
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=440709

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518
reference_id	482518
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=482518

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196
reference_id	669196
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=669196

reference_url	https://security.gentoo.org/glsa/200806-09
reference_id	GLSA-200806-09
reference_type
scores
url	https://security.gentoo.org/glsa/200806-09

reference_url	https://access.redhat.com/errata/RHSA-2008:0270
reference_id	RHSA-2008:0270
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0270

reference_url	https://access.redhat.com/errata/RHSA-2008:0271
reference_id	RHSA-2008:0271
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2008:0271

reference_url	https://usn.ubuntu.com/682-1/
reference_id	USN-682-1
reference_type
scores
url	https://usn.ubuntu.com/682-1/

fixed_packages

url	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.0.2%2Bsvn18153-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-0.1%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-7%3Fdistro=trixie

url	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
purl	pkg:deb/debian/libvorbisidec@1.2.1%2Bgit20180316-8?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.2.1%252Bgit20180316-8%3Fdistro=trixie

aliases CVE-2008-1423

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mddv-hvgp-u3aa

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvorbisidec@1.0.2%252Bsvn18153-0.1%3Fdistro=trixie

Package Instance