{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","type":"deb","namespace":"debian","name":"pam","version":"1.5.2-6+deb12u2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"1.5.3-4","latest_non_vulnerable_version":"1.7.0-5","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18017?format=json","vulnerability_id":"VCID-brwt-evvj-vbbq","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10041.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10041.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10041","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13281","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13197","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13299","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13306","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10041"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086038","reference_id":"1086038","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086038"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-10041","reference_id":"CVE-2024-10041","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-23T14:35:15Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-10041"},{"reference_url":"https://security.gentoo.org/glsa/202505-01","reference_id":"GLSA-202505-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202505-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10379","reference_id":"RHSA-2024:10379","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-23T14:35:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10379"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:11250","reference_id":"RHSA-2024:11250","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-23T14:35:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:11250"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9941","reference_id":"RHSA-2024:9941","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-23T14:35:15Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9941"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2319212","reference_id":"show_bug.cgi?id=2319212","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-23T14:35:15Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2319212"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98598?format=json","purl":"pkg:deb/debian/pam@1.7.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2024-10041"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-brwt-evvj-vbbq"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184841?format=json","vulnerability_id":"VCID-2u59-9na7-vbft","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3316.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3316.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3316","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22102","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22292","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22305","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22283","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3316"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832","reference_id":"599832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=637898","reference_id":"637898","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=637898"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0819","reference_id":"RHSA-2010:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0891","reference_id":"RHSA-2010:0891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0891"},{"reference_url":"https://usn.ubuntu.com/1140-1/","reference_id":"USN-1140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98591?format=json","purl":"pkg:deb/debian/pam@1.1.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-3316"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2u59-9na7-vbft"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8619?format=json","vulnerability_id":"VCID-4u97-pvhd-rycm","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36394","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13227","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13331","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13338","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13314","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36394"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2020-36394"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4u97-pvhd-rycm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201372?format=json","vulnerability_id":"VCID-5n9n-nj4m-5fex","summary":"Linux-PAM before 1.0.4 does not enforce the minimum password age (MINDAYS) as specified in /etc/shadow, which allows local users to bypass intended security policy and change their passwords sooner than specified.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0579.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0579.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0579","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19649","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19824","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1984","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19815","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0579"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=487216","reference_id":"487216","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=487216"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437","reference_id":"514437","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=514437"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98590?format=json","purl":"pkg:deb/debian/pam@1.0.1-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.0.1-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2009-0579"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5n9n-nj4m-5fex"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184850?format=json","vulnerability_id":"VCID-647s-54z2-dfee","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3149.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3149.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3149","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19627","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19803","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1982","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19797","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3149"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3149","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3149"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=746620","reference_id":"746620","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=746620"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0521","reference_id":"RHSA-2013:0521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0521"},{"reference_url":"https://usn.ubuntu.com/1237-1/","reference_id":"USN-1237-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1237-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98594?format=json","purl":"pkg:deb/debian/pam@1.1.3-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2011-3149"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-647s-54z2-dfee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184845?format=json","vulnerability_id":"VCID-6h4j-86uj-hbf9","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3853.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3853.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3853","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.169","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17057","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17068","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.17043","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3853"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3853","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3853"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608273","reference_id":"608273","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608273"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=643043","reference_id":"643043","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=643043"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0819","reference_id":"RHSA-2010:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0891","reference_id":"RHSA-2010:0891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0891"},{"reference_url":"https://usn.ubuntu.com/1140-1/","reference_id":"USN-1140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98592?format=json","purl":"pkg:deb/debian/pam@1.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-3853"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h4j-86uj-hbf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218742?format=json","vulnerability_id":"VCID-79c8-hwnh-2kbh","summary":"pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0388.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0388.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0388","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35858","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36038","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36061","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36049","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2003-0388"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617025","reference_id":"1617025","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617025"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22781.txt","reference_id":"CVE-2003-0388;OSVDB-9027","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/22781.txt"},{"reference_url":"https://www.securityfocus.com/bid/7929/info","reference_id":"CVE-2003-0388;OSVDB-9027","reference_type":"exploit","scores":[],"url":"https://www.securityfocus.com/bid/7929/info"},{"reference_url":"https://access.redhat.com/errata/RHSA-2004:304","reference_id":"RHSA-2004:304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2004:304"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2003-0388"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-79c8-hwnh-2kbh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184842?format=json","vulnerability_id":"VCID-7ch9-xv7r-2fe5","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3430.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3430.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3430","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18782","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18947","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18965","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.1894","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3430"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3430","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3430"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832","reference_id":"599832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=641361","reference_id":"641361","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=641361"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://usn.ubuntu.com/1140-1/","reference_id":"USN-1140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98592?format=json","purl":"pkg:deb/debian/pam@1.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-3430"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7ch9-xv7r-2fe5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5075?format=json","vulnerability_id":"VCID-8h1f-sb81-9ubn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17953.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17953.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17953","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61972","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61967","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63256","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00434","scoring_system":"epss","scoring_elements":"0.63358","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17953"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1652593","reference_id":"1652593","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1652593"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2018-17953"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8h1f-sb81-9ubn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199407?format=json","vulnerability_id":"VCID-92wd-tzvv-q7f4","summary":"PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1227","reference_id":"","reference_type":"","scores":[{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72885","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72963","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72978","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00717","scoring_system":"epss","scoring_elements":"0.72976","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1227"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1227","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1227"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98585?format=json","purl":"pkg:deb/debian/pam@0.76-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0.76-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2002-1227"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92wd-tzvv-q7f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184846?format=json","vulnerability_id":"VCID-atx8-yvg6-rqa2","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4706.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4706.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4706","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15795","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15931","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15941","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15908","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4706"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4706","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4706"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=672482","reference_id":"672482","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=672482"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://usn.ubuntu.com/1140-1/","reference_id":"USN-1140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98592?format=json","purl":"pkg:deb/debian/pam@1.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-4706"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-atx8-yvg6-rqa2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178045?format=json","vulnerability_id":"VCID-b2h5-c69c-w7a4","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    remote attackers to bypass the auth process and cause Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7041.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7041.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7041","reference_id":"","reference_type":"","scores":[{"value":"0.02605","scoring_system":"epss","scoring_elements":"0.85954","published_at":"2026-06-11T12:55:00Z"},{"value":"0.02605","scoring_system":"epss","scoring_elements":"0.86004","published_at":"2026-06-12T12:55:00Z"},{"value":"0.02605","scoring_system":"epss","scoring_elements":"0.86014","published_at":"2026-06-13T12:55:00Z"},{"value":"0.02605","scoring_system":"epss","scoring_elements":"0.86007","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-7041"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7041","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7041"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1038555","reference_id":"1038555","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1038555"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731368","reference_id":"731368","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731368"},{"reference_url":"https://security.gentoo.org/glsa/201605-05","reference_id":"GLSA-201605-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-05"},{"reference_url":"https://usn.ubuntu.com/2935-1/","reference_id":"USN-2935-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2935-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98596?format=json","purl":"pkg:deb/debian/pam@1.1.8-3.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.8-3.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2013-7041"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b2h5-c69c-w7a4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184844?format=json","vulnerability_id":"VCID-b8pd-3fcx-m3fp","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3435.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3435.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3435","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24964","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25164","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25184","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25171","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3435"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3435","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3435"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832","reference_id":"599832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=641335","reference_id":"641335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=641335"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0819","reference_id":"RHSA-2010:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0891","reference_id":"RHSA-2010:0891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0891"},{"reference_url":"https://usn.ubuntu.com/1140-1/","reference_id":"USN-1140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98592?format=json","purl":"pkg:deb/debian/pam@1.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-3435"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b8pd-3fcx-m3fp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18230?format=json","vulnerability_id":"VCID-djwy-6uhm-5qbn","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22365.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-22365.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22365","reference_id":"","reference_type":"","scores":[{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24719","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24912","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24929","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00085","scoring_system":"epss","scoring_elements":"0.24917","published_at":"2026-06-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-22365"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22365"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb","reference_id":"031bb5a5d0d950253b68138b498dc93be69a64cb","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T21:07:13Z/"}],"url":"https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061097","reference_id":"1061097","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061097"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257722","reference_id":"2257722","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257722"},{"reference_url":"http://www.openwall.com/lists/oss-security/2024/01/18/3","reference_id":"3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T21:07:13Z/"}],"url":"http://www.openwall.com/lists/oss-security/2024/01/18/3"},{"reference_url":"https://github.com/linux-pam/linux-pam","reference_id":"linux-pam","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T21:07:13Z/"}],"url":"https://github.com/linux-pam/linux-pam"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2438","reference_id":"RHSA-2024:2438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3163","reference_id":"RHSA-2024:3163","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3163"},{"reference_url":"https://usn.ubuntu.com/6588-1/","reference_id":"USN-6588-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6588-1/"},{"reference_url":"https://usn.ubuntu.com/6588-2/","reference_id":"USN-6588-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6588-2/"},{"reference_url":"https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0","reference_id":"v1.6.0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T21:07:13Z/"}],"url":"https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98599?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98600?format=json","purl":"pkg:deb/debian/pam@1.5.3-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.3-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2024-22365"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-djwy-6uhm-5qbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218743?format=json","vulnerability_id":"VCID-e5hx-6yue-xua3","summary":"pam_unix.so in Linux-PAM 0.99.7.0 allows context-dependent attackers to log into accounts whose password hash, as stored in /etc/passwd or /etc/shadow, has only two characters.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0003.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-0003.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0003","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21935","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22124","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.22135","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2211","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-0003"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2007-0003"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e5hx-6yue-xua3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25730?format=json","vulnerability_id":"VCID-gttr-pcaf-xkb2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6018.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6018.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6018","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25721","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25723","published_at":"2026-06-14T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.2574","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25521","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6018"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-6018","reference_id":"CVE-2025-6018","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-23T15:12:35Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-6018"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52386.py","reference_id":"CVE-2025-6018","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52386.py"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1243226","reference_id":"show_bug.cgi?id=1243226","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-23T15:12:35Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1243226"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372693","reference_id":"show_bug.cgi?id=2372693","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-23T15:12:35Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372693"},{"reference_url":"https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt","reference_id":"suse15-pam-udisks-lpe.txt","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-07-23T15:12:35Z/"}],"url":"https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2025-6018"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gttr-pcaf-xkb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/165479?format=json","vulnerability_id":"VCID-hwnf-5dh9-2bgs","summary":"The Linux-PAM package before 1.5.2-6.1 for openSUSE Tumbleweed allows authentication bypass for SSH logins. The pam_access.so module doesn't correctly restrict login if a user tries to connect from an IP address that is not resolvable via DNS. In such conditions, a user with denied access to a machine can still get access. NOTE: the relevance of this issue is largely limited to openSUSE Tumbleweed and openSUSE Factory; it does not affect Linux-PAM upstream.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28321.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28321.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28321","reference_id":"","reference_type":"","scores":[{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52977","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52851","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52979","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00291","scoring_system":"epss","scoring_elements":"0.52995","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28321"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2175261","reference_id":"2175261","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2175261"},{"reference_url":"https://www.suse.com/security/cve/CVE-2022-28321.html","reference_id":"CVE-2022-28321.html","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-29T15:30:31Z/"}],"url":"https://www.suse.com/security/cve/CVE-2022-28321.html"},{"reference_url":"https://bugzilla.suse.com/show_bug.cgi?id=1197654","reference_id":"show_bug.cgi?id=1197654","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-29T15:30:31Z/"}],"url":"https://bugzilla.suse.com/show_bug.cgi?id=1197654"},{"reference_url":"http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/","reference_id":"src","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-29T15:30:31Z/"}],"url":"http://download.opensuse.org/source/distribution/openSUSE-current/repo/oss/src/"},{"reference_url":"https://usn.ubuntu.com/5825-1/","reference_id":"USN-5825-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5825-1/"},{"reference_url":"https://usn.ubuntu.com/5825-2/","reference_id":"USN-5825-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5825-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2022-28321"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hwnf-5dh9-2bgs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201533?format=json","vulnerability_id":"VCID-js8r-m9nk-w3dh","summary":"pam-auth-update for PAM, as used in Ubuntu 8.10 and 9.4, and Debian GNU/Linux, does not properly handle an \"empty selection\" for system authentication modules in certain rare configurations, which causes any attempt to be successful and allows remote attackers to bypass authentication.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3232","reference_id":"","reference_type":"","scores":[{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.68037","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.68125","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.68138","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00539","scoring_system":"epss","scoring_elements":"0.68134","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-3232"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3232","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3232"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927","reference_id":"519927","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=519927"},{"reference_url":"https://usn.ubuntu.com/828-1/","reference_id":"USN-828-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/828-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98590?format=json","purl":"pkg:deb/debian/pam@1.0.1-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.0.1-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2009-3232"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-js8r-m9nk-w3dh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/202055?format=json","vulnerability_id":"VCID-kqax-san2-t3fw","summary":"Untrusted search path vulnerability in pam_motd (aka the MOTD module) in libpam-modules before 1.1.3-2ubuntu2.1 on Ubuntu 11.10, before 1.1.2-2ubuntu8.4 on Ubuntu 11.04, before 1.1.1-4ubuntu2.4 on Ubuntu 10.10, before 1.1.1-2ubuntu5.4 on Ubuntu 10.04 LTS, and before 0.99.7.1-5ubuntu6.5 on Ubuntu 8.04 LTS, when using certain configurations such as \"session optional pam_motd.so\", allows local users to gain privileges by modifying the PATH environment variable to reference a malicious command, as demonstrated via uname.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3628","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21236","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21418","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21431","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21405","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3628"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3628","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3628"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670076","reference_id":"670076","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=670076"},{"reference_url":"https://usn.ubuntu.com/1237-1/","reference_id":"USN-1237-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1237-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98595?format=json","purl":"pkg:deb/debian/pam@1.1.3-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2011-3628"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kqax-san2-t3fw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184849?format=json","vulnerability_id":"VCID-mhj1-p66n-vyde","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3148.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3148.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3148","reference_id":"","reference_type":"","scores":[{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36514","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36693","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36718","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00158","scoring_system":"epss","scoring_elements":"0.36707","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-3148"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3148","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3148"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=746619","reference_id":"746619","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=746619"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0521","reference_id":"RHSA-2013:0521","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0521"},{"reference_url":"https://usn.ubuntu.com/1237-1/","reference_id":"USN-1237-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1237-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98594?format=json","purl":"pkg:deb/debian/pam@1.1.3-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2011-3148"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhj1-p66n-vyde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/18043?format=json","vulnerability_id":"VCID-r2ma-rnbf-byhy","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10963.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-10963.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10963","reference_id":"","reference_type":"","scores":[{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69066","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.68966","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69059","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00567","scoring_system":"epss","scoring_elements":"0.69071","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-10963"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087019","reference_id":"1087019","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1087019"},{"reference_url":"https://github.com/linux-pam/linux-pam/issues/834","reference_id":"834","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://github.com/linux-pam/linux-pam/issues/834"},{"reference_url":"https://github.com/linux-pam/linux-pam/pull/835","reference_id":"835","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://github.com/linux-pam/linux-pam/pull/835"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9","reference_id":"cpe:/a:redhat:openshift:4.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9","reference_id":"cpe:/a:redhat:openshift:4.17::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4.17::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ai:2.16::el8","reference_id":"cpe:/a:redhat:openshift_ai:2.16::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_ai:2.16::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-10963","reference_id":"CVE-2024-10963","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-10963"},{"reference_url":"https://security.gentoo.org/glsa/202508-01","reference_id":"GLSA-202508-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202508-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10232","reference_id":"RHSA-2024:10232","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10244","reference_id":"RHSA-2024:10244","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10244"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10379","reference_id":"RHSA-2024:10379","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10379"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10518","reference_id":"RHSA-2024:10518","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10518"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10528","reference_id":"RHSA-2024:10528","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10528"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10852","reference_id":"RHSA-2024:10852","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10852"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324291","reference_id":"show_bug.cgi?id=2324291","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-07T18:27:30Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2324291"},{"reference_url":"https://usn.ubuntu.com/7761-1/","reference_id":"USN-7761-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7761-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2024-10963"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r2ma-rnbf-byhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184847?format=json","vulnerability_id":"VCID-s3pd-hqwy-jygx","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4707.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4707.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4707","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.2636","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26562","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26578","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26564","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4707"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4707","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4707"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=672486","reference_id":"672486","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=672486"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0819","reference_id":"RHSA-2010:0819","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0891","reference_id":"RHSA-2010:0891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0891"},{"reference_url":"https://usn.ubuntu.com/1140-1/","reference_id":"USN-1140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98592?format=json","purl":"pkg:deb/debian/pam@1.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-4707"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s3pd-hqwy-jygx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/395?format=json","vulnerability_id":"VCID-szk8-hphp-kqh2","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3238.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3238.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3238","reference_id":"","reference_type":"","scores":[{"value":"0.0303","scoring_system":"epss","scoring_elements":"0.86947","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0303","scoring_system":"epss","scoring_elements":"0.86993","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0303","scoring_system":"epss","scoring_elements":"0.87003","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0303","scoring_system":"epss","scoring_elements":"0.86999","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3238"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1228571","reference_id":"1228571","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1228571"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789986","reference_id":"789986","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789986"},{"reference_url":"https://security.gentoo.org/glsa/201605-05","reference_id":"GLSA-201605-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1640","reference_id":"RHSA-2015:1640","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1640"},{"reference_url":"https://usn.ubuntu.com/2935-1/","reference_id":"USN-2935-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2935-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98597?format=json","purl":"pkg:deb/debian/pam@1.1.8-3.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.8-3.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2015-3238"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-szk8-hphp-kqh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178046?format=json","vulnerability_id":"VCID-tpjk-fbs3-6fhn","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    remote attackers to bypass the auth process and cause Denial of Service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2583.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2583.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2583","reference_id":"","reference_type":"","scores":[{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81578","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81638","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81647","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01506","scoring_system":"epss","scoring_elements":"0.81639","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2583"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2583","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2583"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1080243","reference_id":"1080243","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1080243"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757555","reference_id":"757555","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757555"},{"reference_url":"https://security.gentoo.org/glsa/201605-05","reference_id":"GLSA-201605-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201605-05"},{"reference_url":"https://usn.ubuntu.com/2935-1/","reference_id":"USN-2935-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2935-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98596?format=json","purl":"pkg:deb/debian/pam@1.1.8-3.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.8-3.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2014-2583"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tpjk-fbs3-6fhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184848?format=json","vulnerability_id":"VCID-uew1-v6b8-k3d7","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4708.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4708.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4708","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.26892","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27094","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27112","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.27098","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-4708"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4708","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4708"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611136","reference_id":"611136","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=611136"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=672489","reference_id":"672489","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=672489"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0891","reference_id":"RHSA-2010:0891","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0891"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98593?format=json","purl":"pkg:deb/debian/pam@1.1.3-7.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-7.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-4708"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uew1-v6b8-k3d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/8408?format=json","vulnerability_id":"VCID-uyg9-p9hn-k7a3","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27780.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27780.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27780","reference_id":"","reference_type":"","scores":[{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63786","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63888","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.63902","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00444","scoring_system":"epss","scoring_elements":"0.639","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-27780"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901094","reference_id":"1901094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1901094"},{"reference_url":"https://security.archlinux.org/ASA-202012-13","reference_id":"ASA-202012-13","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202012-13"},{"reference_url":"https://security.archlinux.org/AVG-1297","reference_id":"AVG-1297","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1297"},{"reference_url":"https://security.gentoo.org/glsa/202012-06","reference_id":"GLSA-202012-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202012-06"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2020-27780"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uyg9-p9hn-k7a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/218744?format=json","vulnerability_id":"VCID-w9n4-3t6f-zqbe","summary":"pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and libpam-modules before 1.1.1-2ubuntu5 in PAM on Ubuntu 10.04 LTS allows local users to change the ownership of arbitrary files via a symlink attack on .cache in a user's home directory, related to \"user file stamps\" and the motd.legal-notice file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0832","reference_id":"","reference_type":"","scores":[{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.331","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33281","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33301","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00135","scoring_system":"epss","scoring_elements":"0.33277","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0832"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14339.sh","reference_id":"CVE-2010-0832","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14339.sh"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14273.sh","reference_id":"CVE-2010-0832;OSVDB-66116","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/14273.sh"},{"reference_url":"https://usn.ubuntu.com/959-1/","reference_id":"USN-959-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/959-1/"},{"reference_url":"https://usn.ubuntu.com/959-2/","reference_id":"USN-959-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/959-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98588?format=json","purl":"pkg:deb/debian/pam@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-0832"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w9n4-3t6f-zqbe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184843?format=json","vulnerability_id":"VCID-wd1g-8jd1-akcf","summary":"Multiple vulnerabilities have been found in Linux-PAM, allowing\n    local attackers to possibly gain escalated privileges, cause a Denial of\n    Service, corrupt data, or obtain sensitive information.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3431.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3431.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3431","reference_id":"","reference_type":"","scores":[{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23318","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23513","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23526","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00078","scoring_system":"epss","scoring_elements":"0.23505","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3431"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3431","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3431"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832","reference_id":"599832","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599832"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=641361","reference_id":"641361","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=641361"},{"reference_url":"https://security.gentoo.org/glsa/201206-31","reference_id":"GLSA-201206-31","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-31"},{"reference_url":"https://usn.ubuntu.com/1140-1/","reference_id":"USN-1140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98592?format=json","purl":"pkg:deb/debian/pam@1.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2010-3431"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wd1g-8jd1-akcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/182302?format=json","vulnerability_id":"VCID-wepk-yxdg-83fu","summary":"An error in the handling of user names of Linux-PAM might allow remote\n    attackers to cause a Denial of Service or escalate privileges.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0887.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0887.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0887","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43859","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.44013","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.44032","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.4402","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-0887"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0887","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0887"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=489932","reference_id":"489932","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=489932"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520115","reference_id":"520115","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520115"},{"reference_url":"https://security.gentoo.org/glsa/200909-01","reference_id":"GLSA-200909-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200909-01"},{"reference_url":"https://usn.ubuntu.com/1140-1/","reference_id":"USN-1140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1140-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98590?format=json","purl":"pkg:deb/debian/pam@1.0.1-10?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.0.1-10%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2009-0887"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wepk-yxdg-83fu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/185620?format=json","vulnerability_id":"VCID-wt5p-apfy-gkd2","summary":"A vulnerability in the SELinux version of PAM allows a local attacker to\n    brute-force system passwords.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2977.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2005-2977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2977","reference_id":"","reference_type":"","scores":[{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22899","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.23096","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.23108","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.23087","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-2977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2977"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617773","reference_id":"1617773","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1617773"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336344","reference_id":"336344","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=336344"},{"reference_url":"https://security.gentoo.org/glsa/200510-22","reference_id":"GLSA-200510-22","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200510-22"},{"reference_url":"https://access.redhat.com/errata/RHSA-2005:805","reference_id":"RHSA-2005:805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2005:805"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98589?format=json","purl":"pkg:deb/debian/pam@0.99.7.1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@0.99.7.1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2005-2977"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wt5p-apfy-gkd2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/25732?format=json","vulnerability_id":"VCID-yj1q-6tgx-7bbc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6020.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6020.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6020","reference_id":"","reference_type":"","scores":[{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22277","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22095","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22286","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00072","scoring_system":"epss","scoring_elements":"0.22298","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6020"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6020"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107919","reference_id":"1107919","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107919"},{"reference_url":"https://security.archlinux.org/AVG-2901","reference_id":"AVG-2901","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2901"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9","reference_id":"cpe:/a:redhat:cert_manager:1.16::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:cert_manager:1.16::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:confidential_compute_attestation:1.10::el9","reference_id":"cpe:/a:redhat:confidential_compute_attestation:1.10::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:confidential_compute_attestation:1.10::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9","reference_id":"cpe:/a:redhat:discovery:2::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9","reference_id":"cpe:/a:redhat:insights_proxy:1.5::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_compliance_operator:1::el9","reference_id":"cpe:/a:redhat:openshift_compliance_operator:1::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_compliance_operator:1::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3.6::el8","reference_id":"cpe:/a:redhat:openshift_distributed_tracing:3.6::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8","reference_id":"cpe:/a:redhat:openshift_serverless:1.36::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_serverless:1.36::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8","reference_id":"cpe:/a:redhat:rhosemc:1.0::el8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhosemc:1.0::el8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9","reference_id":"cpe:/a:redhat:webterminal:1.11::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.11::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9","reference_id":"cpe:/a:redhat:webterminal:1.12::el9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:webterminal:1.12::el9"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos","reference_id":"cpe:/o:redhat:enterprise_linux:9::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0","reference_id":"cpe:/o:redhat:enterprise_linux_eus:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux_eus:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_aus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.8::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.0::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.0::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_id":"cpe:/o:redhat:rhel_e4s:9.2::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:9.2::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos","reference_id":"cpe:/o:redhat:rhel_eus:9.4::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.4::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.6::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.6::baseos"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos","reference_id":"cpe:/o:redhat:rhel_tus:8.8::baseos","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.8::baseos"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-6020","reference_id":"CVE-2025-6020","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-6020"},{"reference_url":"https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx","reference_id":"GHSA-f9p8-gjr4-j9gx","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://github.com/linux-pam/linux-pam/security/advisories/GHSA-f9p8-gjr4-j9gx"},{"reference_url":"https://security.gentoo.org/glsa/202508-01","reference_id":"GLSA-202508-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202508-01"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10024","reference_id":"RHSA-2025:10024","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10024"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10027","reference_id":"RHSA-2025:10027","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10180","reference_id":"RHSA-2025:10180","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10354","reference_id":"RHSA-2025:10354","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10357","reference_id":"RHSA-2025:10357","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10357"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10358","reference_id":"RHSA-2025:10358","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10358"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10359","reference_id":"RHSA-2025:10359","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10359"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10361","reference_id":"RHSA-2025:10361","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10361"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10362","reference_id":"RHSA-2025:10362","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10362"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10735","reference_id":"RHSA-2025:10735","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10735"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10823","reference_id":"RHSA-2025:10823","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11386","reference_id":"RHSA-2025:11386","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:11386"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:11487","reference_id":"RHSA-2025:11487","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:11487"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14557","reference_id":"RHSA-2025:14557","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:14557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15099","reference_id":"RHSA-2025:15099","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15709","reference_id":"RHSA-2025:15709","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15709"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15827","reference_id":"RHSA-2025:15827","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15828","reference_id":"RHSA-2025:15828","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:15828"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:16524","reference_id":"RHSA-2025:16524","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:16524"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:17181","reference_id":"RHSA-2025:17181","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:17181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:18219","reference_id":"RHSA-2025:18219","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:18219"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20181","reference_id":"RHSA-2025:20181","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20181"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21885","reference_id":"RHSA-2025:21885","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21885"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22019","reference_id":"RHSA-2025:22019","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22019"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9526","reference_id":"RHSA-2025:9526","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9526"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0934","reference_id":"RHSA-2026:0934","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0934"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372512","reference_id":"show_bug.cgi?id=2372512","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-17T13:30:00Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2372512"},{"reference_url":"https://usn.ubuntu.com/7580-1/","reference_id":"USN-7580-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7580-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/98586?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98599?format=json","purl":"pkg:deb/debian/pam@1.4.0-9%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.4.0-9%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98584?format=json","purl":"pkg:deb/debian/pam@1.5.2-6%2Bdeb12u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-brwt-evvj-vbbq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/98587?format=json","purl":"pkg:deb/debian/pam@1.7.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.7.0-5%3Fdistro=trixie"}],"aliases":["CVE-2025-6020"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yj1q-6tgx-7bbc"}],"risk_score":"2.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pam@1.5.2-6%252Bdeb12u2%3Fdistro=trixie"}