{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","type":"deb","namespace":"debian","name":"inetutils","version":"2:2.4-2+deb12u3","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2:2.4-3","latest_non_vulnerable_version":"2:2.8-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73722?format=json","vulnerability_id":"VCID-4ke9-jwzb-q7hf","summary":"The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40491","reference_id":"","reference_type":"","scores":[{"value":"0.00339","scoring_system":"epss","scoring_elements":"0.56886","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-40491"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993476","reference_id":"993476","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993476"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99455?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99453?format=json","purl":"pkg:deb/debian/inetutils@2:2.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2021-40491"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ke9-jwzb-q7hf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73724?format=json","vulnerability_id":"VCID-4u7r-qpkp-b3gd","summary":"GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process.","references":[{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049365","reference_id":"1049365","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049365"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99458?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99460?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2023-40303"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4u7r-qpkp-b3gd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72438?format=json","vulnerability_id":"VCID-53pj-pwxv-qqhv","summary":"Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4862.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-4862.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4862","reference_id":"","reference_type":"","scores":[{"value":"0.92585","scoring_system":"epss","scoring_elements":"0.99755","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-4862"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=770325","reference_id":"770325","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=770325"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/remote/18369.rb","reference_id":"CVE-2011-4862;OSVDB-78020","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/bsd/remote/18369.rb"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18280.c","reference_id":"CVE-2011-4862;OSVDB-78020","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18280.c"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18368.rb","reference_id":"CVE-2011-4862;OSVDB-78020","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18368.rb"},{"reference_url":"https://security.gentoo.org/glsa/201201-14","reference_id":"GLSA-201201-14","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201201-14"},{"reference_url":"https://security.gentoo.org/glsa/201202-05","reference_id":"GLSA-201202-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201202-05"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1851","reference_id":"RHSA-2011:1851","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1852","reference_id":"RHSA-2011:1852","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1852"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1853","reference_id":"RHSA-2011:1853","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1853"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1854","reference_id":"RHSA-2011:1854","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1854"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99448?format=json","purl":"pkg:deb/debian/inetutils@2:1.8-6?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.8-6%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2011-4862"],"risk_score":1.6,"exploitability":"2.0","weighted_severity":"0.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53pj-pwxv-qqhv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73726?format=json","vulnerability_id":"VCID-6h3n-19b6-mqd4","summary":"telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.","references":[],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99463?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99467?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99466?format=json","purl":"pkg:deb/debian/inetutils@2:2.7-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2026-28372"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h3n-19b6-mqd4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73728?format=json","vulnerability_id":"VCID-76sg-144a-hbfc","summary":"telnet in GNU inetutils through 2.7 allows servers to read arbitrary environment variables from clients via NEW_ENVIRON SEND USERVAR.","references":[{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741","reference_id":"1130741","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130741"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99463?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99469?format=json","purl":"pkg:deb/debian/inetutils@2:2.7-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2026-32772"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76sg-144a-hbfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59256?format=json","vulnerability_id":"VCID-f3v6-nfu3-4yes","summary":"Buffer overflow in the TFTP client in InetUtils 1.4.2 allows remote malicious DNS servers to execute arbitrary code via a large DNS response that is handled by the gethostbyname function.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1485","reference_id":"","reference_type":"","scores":[{"value":"0.01636","scoring_system":"epss","scoring_elements":"0.82261","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1485"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99443?format=json","purl":"pkg:deb/debian/inetutils@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2004-1485"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f3v6-nfu3-4yes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73719?format=json","vulnerability_id":"VCID-g7dr-zw6q-4qbn","summary":"Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriva Linux allows remote attackers to cause a denial of service (hang) via a crafted echo response.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2529.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2529.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2529","reference_id":"","reference_type":"","scores":[{"value":"0.00716","scoring_system":"epss","scoring_elements":"0.72743","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2529"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=613819","reference_id":"613819","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=613819"},{"reference_url":"https://security.gentoo.org/glsa/201412-08","reference_id":"GLSA-201412-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-08"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99447?format=json","purl":"pkg:deb/debian/inetutils@2:1.9-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2010-2529"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g7dr-zw6q-4qbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73725?format=json","vulnerability_id":"VCID-jz3v-jq7w-hqgx","summary":"telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a \"-f root\" value for the USER environment variable.","references":[{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126047","reference_id":"1126047","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126047"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52524.py","reference_id":"CVE-2026-24061","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52524.py"},{"reference_url":"https://security.gentoo.org/glsa/202601-01","reference_id":"GLSA-202601-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202601-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99463?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99462?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99465?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99464?format=json","purl":"pkg:deb/debian/inetutils@2:2.7-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2026-24061"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jz3v-jq7w-hqgx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73727?format=json","vulnerability_id":"VCID-maan-8v51-n3fp","summary":"telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.","references":[{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130742","reference_id":"1130742","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1130742"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52556.py","reference_id":"CVE-2026-32746","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/52556.py"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99463?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99468?format=json","purl":"pkg:deb/debian/inetutils@2:2.7-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.7-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2026-32746"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-maan-8v51-n3fp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5502?format=json","vulnerability_id":"VCID-sdae-zzg1-r3cq","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0053","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29719","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-0053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0053"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945861","reference_id":"945861","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945861"},{"reference_url":"https://security.archlinux.org/ASA-202106-20","reference_id":"ASA-202106-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-20"},{"reference_url":"https://security.archlinux.org/AVG-1003","reference_id":"AVG-1003","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1003"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99451?format=json","purl":"pkg:deb/debian/inetutils@2:1.9.4-11?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.4-11%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2019-0053"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdae-zzg1-r3cq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5501?format=json","vulnerability_id":"VCID-v5ku-1gf2-bycq","summary":"arbitrary code execution","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10188.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10188","reference_id":"","reference_type":"","scores":[{"value":"0.08404","scoring_system":"epss","scoring_elements":"0.92469","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-10188"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10188"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1811673","reference_id":"1811673","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1811673"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477","reference_id":"953477","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953477"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478","reference_id":"953478","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953478"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084","reference_id":"956084","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=956084"},{"reference_url":"https://security.archlinux.org/ASA-202106-20","reference_id":"ASA-202106-20","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-202106-20"},{"reference_url":"https://security.archlinux.org/AVG-1003","reference_id":"AVG-1003","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-1003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1318","reference_id":"RHSA-2020:1318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1334","reference_id":"RHSA-2020:1334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1335","reference_id":"RHSA-2020:1335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1342","reference_id":"RHSA-2020:1342","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1349","reference_id":"RHSA-2020:1349","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0011","reference_id":"RHSA-2022:0011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0158","reference_id":"RHSA-2022:0158","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0158"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99452?format=json","purl":"pkg:deb/debian/inetutils@2:1.9.4-12?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.4-12%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2020-10188"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v5ku-1gf2-bycq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73723?format=json","vulnerability_id":"VCID-xzea-av55-ykfg","summary":"telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. In a typical installation, the telnetd application would crash but the telnet service would remain available through inetd. However, if the telnetd application has many crashes within a short time interval, the telnet service would become unavailable after inetd logs a \"telnet/tcp server failing (looping), service terminated\" error. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39028.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-39028.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39028","reference_id":"","reference_type":"","scores":[{"value":"0.00368","scoring_system":"epss","scoring_elements":"0.59053","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-39028"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2126045","reference_id":"2126045","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2126045"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99455?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99456?format=json","purl":"pkg:deb/debian/inetutils@2:2.3-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.3-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2022-39028"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzea-av55-ykfg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/73721?format=json","vulnerability_id":"VCID-yk2c-4yjc-d3cw","summary":"rsyslog before 7.6.6 and 8.x before 8.4.1 and sysklogd 1.5 and earlier allows remote attackers to cause a denial of service (crash), possibly execute arbitrary code, or have other unspecified impact via a crafted priority (PRI) value that triggers an out-of-bounds array access.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3634.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3634.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3634","reference_id":"","reference_type":"","scores":[{"value":"0.29383","scoring_system":"epss","scoring_elements":"0.96693","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3634"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1142373","reference_id":"1142373","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1142373"},{"reference_url":"https://security.gentoo.org/glsa/201412-35","reference_id":"GLSA-201412-35","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201412-35"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1397","reference_id":"RHSA-2014:1397","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1397"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1654","reference_id":"RHSA-2014:1654","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1654"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1671","reference_id":"RHSA-2014:1671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1671"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/99449?format=json","purl":"pkg:deb/debian/inetutils@2:1.9.2.39.3a460-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:1.9.2.39.3a460-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99444?format=json","purl":"pkg:deb/debian/inetutils@2:2.0-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.0-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99442?format=json","purl":"pkg:deb/debian/inetutils@2:2.4-2%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99446?format=json","purl":"pkg:deb/debian/inetutils@2:2.6-3%2Bdeb13u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.6-3%252Bdeb13u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/99445?format=json","purl":"pkg:deb/debian/inetutils@2:2.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.8-2%3Fdistro=trixie"}],"aliases":["CVE-2014-3634"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yk2c-4yjc-d3cw"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/inetutils@2:2.4-2%252Bdeb12u3%3Fdistro=trixie"}