{"url":"http://public2.vulnerablecode.io/api/packages/95638?format=json","purl":"pkg:deb/debian/freeradius@1.0.5-1?distro=trixie","type":"deb","namespace":"debian","name":"freeradius","version":"1.0.5-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.1.0-1.2","latest_non_vulnerable_version":"3.2.8+dfsg-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68915?format=json","vulnerability_id":"VCID-1e4z-9hw6-9bam","summary":"Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS 1.0.2.5-5, and possibly other versions including 1.0.4, might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail.  NOTE: this single issue is part of a larger-scale disclosure, originally by SUSE, which reported multiple issues that were disputed by FreeRADIUS.  Disputed issues included file descriptor leaks, memory disclosure, LDAP injection, and other issues.  Without additional information, the most recent FreeRADIUS report is being regarded as the authoritative source for this CVE identifier.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4744.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4744.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4744","reference_id":"","reference_type":"","scores":[{"value":"0.02525","scoring_system":"epss","scoring_elements":"0.857","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02525","scoring_system":"epss","scoring_elements":"0.85723","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02525","scoring_system":"epss","scoring_elements":"0.85725","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02525","scoring_system":"epss","scoring_elements":"0.85722","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02525","scoring_system":"epss","scoring_elements":"0.85707","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02525","scoring_system":"epss","scoring_elements":"0.85721","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4744"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4744","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4744"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617862","reference_id":"1617862","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2006:0271","reference_id":"RHSA-2006:0271","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2006:0271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95638?format=json","purl":"pkg:deb/debian/freeradius@1.0.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@1.0.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95632?format=json","purl":"pkg:deb/debian/freeradius@3.0.21%2Bdfsg-2.2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5muc-ntps-4ffg"},{"vulnerability":"VCID-xwvg-v78q-q3hd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.0.21%252Bdfsg-2.2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95630?format=json","purl":"pkg:deb/debian/freeradius@3.2.1%2Bdfsg-4%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5muc-ntps-4ffg"},{"vulnerability":"VCID-xwvg-v78q-q3hd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.1%252Bdfsg-4%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95634?format=json","purl":"pkg:deb/debian/freeradius@3.2.7%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.7%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95633?format=json","purl":"pkg:deb/debian/freeradius@3.2.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.8%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2005-4744"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1e4z-9hw6-9bam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68917?format=json","vulnerability_id":"VCID-8s49-7v1h-dqcv","summary":"SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4745.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4745.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4745","reference_id":"","reference_type":"","scores":[{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.70394","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.70435","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.70444","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.70426","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.70414","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00619","scoring_system":"epss","scoring_elements":"0.70437","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4745"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4745","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4745"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95638?format=json","purl":"pkg:deb/debian/freeradius@1.0.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@1.0.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95632?format=json","purl":"pkg:deb/debian/freeradius@3.0.21%2Bdfsg-2.2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5muc-ntps-4ffg"},{"vulnerability":"VCID-xwvg-v78q-q3hd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.0.21%252Bdfsg-2.2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95630?format=json","purl":"pkg:deb/debian/freeradius@3.2.1%2Bdfsg-4%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5muc-ntps-4ffg"},{"vulnerability":"VCID-xwvg-v78q-q3hd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.1%252Bdfsg-4%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95634?format=json","purl":"pkg:deb/debian/freeradius@3.2.7%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.7%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95633?format=json","purl":"pkg:deb/debian/freeradius@3.2.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.8%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2005-4745"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8s49-7v1h-dqcv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68919?format=json","vulnerability_id":"VCID-nz89-j5zq-8qep","summary":"Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors \"while expanding %t\".","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4746.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-4746.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4746","reference_id":"","reference_type":"","scores":[{"value":"0.01745","scoring_system":"epss","scoring_elements":"0.82879","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01745","scoring_system":"epss","scoring_elements":"0.82905","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01745","scoring_system":"epss","scoring_elements":"0.82904","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01745","scoring_system":"epss","scoring_elements":"0.82901","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01745","scoring_system":"epss","scoring_elements":"0.82893","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01745","scoring_system":"epss","scoring_elements":"0.82906","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-4746"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4746","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4746"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/95638?format=json","purl":"pkg:deb/debian/freeradius@1.0.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@1.0.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95632?format=json","purl":"pkg:deb/debian/freeradius@3.0.21%2Bdfsg-2.2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5muc-ntps-4ffg"},{"vulnerability":"VCID-xwvg-v78q-q3hd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.0.21%252Bdfsg-2.2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95630?format=json","purl":"pkg:deb/debian/freeradius@3.2.1%2Bdfsg-4%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-5muc-ntps-4ffg"},{"vulnerability":"VCID-xwvg-v78q-q3hd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.1%252Bdfsg-4%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95634?format=json","purl":"pkg:deb/debian/freeradius@3.2.7%2Bdfsg-1%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.7%252Bdfsg-1%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/95633?format=json","purl":"pkg:deb/debian/freeradius@3.2.8%2Bdfsg-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@3.2.8%252Bdfsg-1%3Fdistro=trixie"}],"aliases":["CVE-2005-4746"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nz89-j5zq-8qep"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/freeradius@1.0.5-1%3Fdistro=trixie"}