{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","type":"deb","namespace":"debian","name":"gsoap","version":"2.8.139-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54053?format=json","vulnerability_id":"VCID-2n3c-yyas-1ucd","summary":"Integer Overflow or Wraparound\nA code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13576","reference_id":"","reference_type":"","scores":[{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73706","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73743","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73746","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73733","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0076","scoring_system":"epss","scoring_elements":"0.73718","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13576"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596","reference_id":"983596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13576","reference_id":"CVE-2020-13576","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13576"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97949?format=json","purl":"pkg:deb/debian/gsoap@2.8.104-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.104-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97947?format=json","purl":"pkg:deb/debian/gsoap@2.8.124-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.124-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97951?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}],"aliases":["CVE-2020-13576"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2n3c-yyas-1ucd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71863?format=json","vulnerability_id":"VCID-33ce-m3qb-6uct","summary":"Integer overflow in the soap_get function in Genivia gSOAP 2.7.x and 2.8.x before 2.8.48, as used on Axis cameras and other devices, allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow and application crash) via a large XML document, aka Devil's Ivy. NOTE: the large document would be blocked by many common web-server configurations on general-purpose computers.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9765","reference_id":"","reference_type":"","scores":[{"value":"0.09141","scoring_system":"epss","scoring_elements":"0.92829","published_at":"2026-06-04T12:55:00Z"},{"value":"0.09141","scoring_system":"epss","scoring_elements":"0.92841","published_at":"2026-06-05T12:55:00Z"},{"value":"0.09141","scoring_system":"epss","scoring_elements":"0.92837","published_at":"2026-06-06T12:55:00Z"},{"value":"0.09141","scoring_system":"epss","scoring_elements":"0.92833","published_at":"2026-06-07T12:55:00Z"},{"value":"0.09141","scoring_system":"epss","scoring_elements":"0.92831","published_at":"2026-06-08T12:55:00Z"},{"value":"0.09141","scoring_system":"epss","scoring_elements":"0.92845","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-9765"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9765","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9765"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97948?format=json","purl":"pkg:deb/debian/gsoap@2.8.48-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.48-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97949?format=json","purl":"pkg:deb/debian/gsoap@2.8.104-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.104-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97947?format=json","purl":"pkg:deb/debian/gsoap@2.8.124-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.124-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97951?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}],"aliases":["CVE-2017-9765"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-33ce-m3qb-6uct"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54052?format=json","vulnerability_id":"VCID-39ed-8utm-vbdq","summary":"NULL Pointer Dereference\nA denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13574","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35631","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35733","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35744","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35705","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35663","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35678","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13574"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13574","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13574"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596","reference_id":"983596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13574","reference_id":"CVE-2020-13574","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13574"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97949?format=json","purl":"pkg:deb/debian/gsoap@2.8.104-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.104-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97947?format=json","purl":"pkg:deb/debian/gsoap@2.8.124-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.124-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97951?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}],"aliases":["CVE-2020-13574"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39ed-8utm-vbdq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54056?format=json","vulnerability_id":"VCID-51a2-g9vy-2kfk","summary":"NULL Pointer Dereference\nA denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13578","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35631","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35733","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35744","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35705","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35663","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35678","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13578"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596","reference_id":"983596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13578","reference_id":"CVE-2020-13578","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13578"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JINMAJB4WQASTKTNSPQL3V7YMSYPKIA2/","reference_id":"JINMAJB4WQASTKTNSPQL3V7YMSYPKIA2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:27:38Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JINMAJB4WQASTKTNSPQL3V7YMSYPKIA2/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00015.html","reference_id":"msg00015.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:27:38Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00015.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMTJ3SJJ22SFLBLPKFADV7NVBH7UFA23/","reference_id":"SMTJ3SJJ22SFLBLPKFADV7NVBH7UFA23","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:27:38Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SMTJ3SJJ22SFLBLPKFADV7NVBH7UFA23/"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1189","reference_id":"TALOS-2020-1189","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:27:38Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1189"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97949?format=json","purl":"pkg:deb/debian/gsoap@2.8.104-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.104-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97947?format=json","purl":"pkg:deb/debian/gsoap@2.8.124-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.124-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97951?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}],"aliases":["CVE-2020-13578"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-51a2-g9vy-2kfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54055?format=json","vulnerability_id":"VCID-atbe-41ap-qyfx","summary":"NULL Pointer Dereference\nA denial-of-service vulnerability exists in the WS-Security plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13577","reference_id":"","reference_type":"","scores":[{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35631","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35733","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35744","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35705","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35663","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00153","scoring_system":"epss","scoring_elements":"0.35678","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13577"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13577","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13577"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596","reference_id":"983596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13577","reference_id":"CVE-2020-13577","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13577"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97949?format=json","purl":"pkg:deb/debian/gsoap@2.8.104-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.104-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97947?format=json","purl":"pkg:deb/debian/gsoap@2.8.124-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.124-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97951?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}],"aliases":["CVE-2020-13577"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-atbe-41ap-qyfx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71864?format=json","vulnerability_id":"VCID-djfv-3mk4-8yce","summary":"Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ libraries, as these are built with that flag.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7659","reference_id":"","reference_type":"","scores":[{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.7095","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70992","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70999","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70982","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0064","scoring_system":"epss","scoring_elements":"0.70967","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7659"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7659","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7659"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97952?format=json","purl":"pkg:deb/debian/gsoap@2.8.75-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.75-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97949?format=json","purl":"pkg:deb/debian/gsoap@2.8.104-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.104-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97947?format=json","purl":"pkg:deb/debian/gsoap@2.8.124-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.124-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97951?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}],"aliases":["CVE-2019-7659"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-djfv-3mk4-8yce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54051?format=json","vulnerability_id":"VCID-h3cc-98qg-9yc7","summary":"NULL Pointer Dereference\nA denial-of-service vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP. A specially crafted SOAP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13575","reference_id":"","reference_type":"","scores":[{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39363","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39408","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39379","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.3935","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39315","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0018","scoring_system":"epss","scoring_elements":"0.39403","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-13575"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13575","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13575"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596","reference_id":"983596","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983596"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13575","reference_id":"CVE-2020-13575","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-13575"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00015.html","reference_id":"msg00015.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:28:47Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2024/02/msg00015.html"},{"reference_url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1186","reference_id":"TALOS-2020-1186","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-19T15:28:47Z/"}],"url":"https://talosintelligence.com/vulnerability_reports/TALOS-2020-1186"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97949?format=json","purl":"pkg:deb/debian/gsoap@2.8.104-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.104-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97947?format=json","purl":"pkg:deb/debian/gsoap@2.8.124-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-v8ug-uhku-sbcj"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.124-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97951?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}],"aliases":["CVE-2020-13575"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h3cc-98qg-9yc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/71866?format=json","vulnerability_id":"VCID-v8ug-uhku-sbcj","summary":"In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4227","reference_id":"","reference_type":"","scores":[{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40265","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40304","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.40307","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.4028","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00186","scoring_system":"epss","scoring_elements":"0.4025","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4227"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4227","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4227"},{"reference_url":"https://www.genivia.com/advisory.html#Upgrade_recommendation_when_option_-c++11_is_used_to_generate_C++11_source_code","reference_id":"advisory.html#Upgrade_recommendation_when_option_-c++11_is_used_to_generate_C++11_source_code","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:45:48Z/"}],"url":"https://www.genivia.com/advisory.html#Upgrade_recommendation_when_option_-c++11_is_used_to_generate_C++11_source_code"},{"reference_url":"https://sourceforge.net/p/gsoap2/code/HEAD/tree/changelog.md","reference_id":"changelog.md","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:45:48Z/"}],"url":"https://sourceforge.net/p/gsoap2/code/HEAD/tree/changelog.md"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/97957?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97951?format=json","purl":"pkg:deb/debian/gsoap@2.8.135-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.135-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/97950?format=json","purl":"pkg:deb/debian/gsoap@2.8.139-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}],"aliases":["CVE-2024-4227"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v8ug-uhku-sbcj"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/gsoap@2.8.139-1%3Fdistro=trixie"}