Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-5fta-p1m7-hycm

Summary hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password.

Aliases

alias	CVE-2004-1182

Fixed_packages

url	pkg:deb/debian/hylafax@1:4.2.1-1?distro=trixie
purl	pkg:deb/debian/hylafax@1:4.2.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@1:4.2.1-1%3Fdistro=trixie

url pkg:deb/debian/hylafax@1:4.2.1-5sarge3

purl pkg:deb/debian/hylafax@1:4.2.1-5sarge3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1rax-9262-rugj

vulnerability	VCID-461b-thwk-n7a2

vulnerability	VCID-8dad-hcqq-nbh8

vulnerability	VCID-gyb2-bc68-3qcc

vulnerability	VCID-rzd7-vyeu-tbg3

vulnerability	VCID-stxg-gkaw-wbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@1:4.2.1-5sarge3

url	pkg:deb/debian/hylafax@3:6.0.7-3.1?distro=trixie
purl	pkg:deb/debian/hylafax@3:6.0.7-3.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@3:6.0.7-3.1%3Fdistro=trixie

url	pkg:deb/debian/hylafax@3:6.0.7-5?distro=trixie
purl	pkg:deb/debian/hylafax@3:6.0.7-5?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@3:6.0.7-5%3Fdistro=trixie

url	pkg:deb/debian/hylafax@3:6.0.7-11.1?distro=trixie
purl	pkg:deb/debian/hylafax@3:6.0.7-11.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@3:6.0.7-11.1%3Fdistro=trixie

url	pkg:deb/debian/hylafax@3:6.0.7-13?distro=trixie
purl	pkg:deb/debian/hylafax@3:6.0.7-13?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@3:6.0.7-13%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/hylafax@4.0.2-7

purl pkg:deb/debian/hylafax@4.0.2-7

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1rax-9262-rugj

vulnerability	VCID-461b-thwk-n7a2

vulnerability	VCID-4p22-ch6t-zuer

vulnerability	VCID-5fta-p1m7-hycm

vulnerability	VCID-5t3p-xrpr-x7a1

vulnerability	VCID-8dad-hcqq-nbh8

vulnerability	VCID-gyb2-bc68-3qcc

vulnerability	VCID-kzuk-dm62-qbcs

vulnerability	VCID-rzd7-vyeu-tbg3

vulnerability	VCID-stxg-gkaw-wbae

vulnerability	VCID-zhhw-1x32-xkfb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@4.0.2-7

url pkg:deb/debian/hylafax@4.0.2-8

purl pkg:deb/debian/hylafax@4.0.2-8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1rax-9262-rugj

vulnerability	VCID-461b-thwk-n7a2

vulnerability	VCID-4p22-ch6t-zuer

vulnerability	VCID-5fta-p1m7-hycm

vulnerability	VCID-5t3p-xrpr-x7a1

vulnerability	VCID-8dad-hcqq-nbh8

vulnerability	VCID-gyb2-bc68-3qcc

vulnerability	VCID-kzuk-dm62-qbcs

vulnerability	VCID-rzd7-vyeu-tbg3

vulnerability	VCID-stxg-gkaw-wbae

vulnerability	VCID-zhhw-1x32-xkfb

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@4.0.2-8

url pkg:deb/debian/hylafax@1:4.1.1-3.1

purl pkg:deb/debian/hylafax@1:4.1.1-3.1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1rax-9262-rugj

vulnerability	VCID-461b-thwk-n7a2

vulnerability	VCID-5fta-p1m7-hycm

vulnerability	VCID-8dad-hcqq-nbh8

vulnerability	VCID-gyb2-bc68-3qcc

vulnerability	VCID-kzuk-dm62-qbcs

vulnerability	VCID-rzd7-vyeu-tbg3

vulnerability	VCID-stxg-gkaw-wbae

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/hylafax@1:4.1.1-3.1

References

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2004-1182

reference_id

reference_type

scores

value	0.00552
scoring_system	epss
scoring_elements	0.68478
published_at	2026-06-11T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.68567
published_at	2026-06-12T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.6858
published_at	2026-06-13T12:55:00Z

value	0.00552
scoring_system	epss
scoring_elements	0.68575
published_at	2026-06-14T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2004-1182

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1182
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1182

Weaknesses

Exploits

Severity_range_score null

Exploitability 0.5

Weighted_severity 0.0

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5fta-p1m7-hycm

Vulnerability Instance