{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199397?format=json","vulnerability_id":"VCID-wx5r-23ae-5yhz","summary":"Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak.","aliases":[{"alias":"CVE-2002-1159"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/26765?format=json","purl":"pkg:deb/debian/canna@3.6p1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.6p1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1082481?format=json","purl":"pkg:deb/debian/canna@3.7p3-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.7p3-1"},{"url":"http://public2.vulnerablecode.io/api/packages/26766?format=json","purl":"pkg:deb/debian/canna@3.7p3-16?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.7p3-16%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26764?format=json","purl":"pkg:deb/debian/canna@3.7p3-20?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.7p3-20%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26768?format=json","purl":"pkg:deb/debian/canna@3.7p3-25?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.7p3-25%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/26767?format=json","purl":"pkg:deb/debian/canna@3.7p3-29?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.7p3-29%3Fdistro=trixie"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1082477?format=json","purl":"pkg:deb/debian/canna@3.5b2-14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jtre-q1dk-eydf"},{"vulnerability":"VCID-wx5r-23ae-5yhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.5b2-14"},{"url":"http://public2.vulnerablecode.io/api/packages/1082478?format=json","purl":"pkg:deb/debian/canna@3.5b2-19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jtre-q1dk-eydf"},{"vulnerability":"VCID-wx5r-23ae-5yhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.5b2-19"},{"url":"http://public2.vulnerablecode.io/api/packages/1082479?format=json","purl":"pkg:deb/debian/canna@3.5b2-25","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jtre-q1dk-eydf"},{"vulnerability":"VCID-wx5r-23ae-5yhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.5b2-25"},{"url":"http://public2.vulnerablecode.io/api/packages/1082480?format=json","purl":"pkg:deb/debian/canna@3.5b2-46.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-jtre-q1dk-eydf"},{"vulnerability":"VCID-wx5r-23ae-5yhz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/canna@3.5b2-46.2"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1159.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2002-1159.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1159","reference_id":"","reference_type":"","scores":[{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79935","published_at":"2026-06-11T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.79998","published_at":"2026-06-12T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.80015","published_at":"2026-06-13T12:55:00Z"},{"value":"0.01271","scoring_system":"epss","scoring_elements":"0.80008","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2002-1159"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1159","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2002-1159"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616851","reference_id":"1616851","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1616851"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:246","reference_id":"RHSA-2002:246","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:246"},{"reference_url":"https://access.redhat.com/errata/RHSA-2002:261","reference_id":"RHSA-2002:261","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2002:261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2003:115","reference_id":"RHSA-2003:115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2003:115"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.0","risk_score":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wx5r-23ae-5yhz"}