{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31734?format=json","vulnerability_id":"VCID-m98m-wbj2-zbdk","summary":"Two vulnerabilities have been found in Bash, the worst of which may\n    allow execution of arbitrary code.","aliases":[{"alias":"CVE-2012-3410"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/583049?format=json","purl":"pkg:deb/debian/bash@4.2-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/571521?format=json","purl":"pkg:deb/debian/bash@4.2%2Bdfsg-0.1%2Bdeb7u3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.2%252Bdfsg-0.1%252Bdeb7u3"},{"url":"http://public2.vulnerablecode.io/api/packages/583050?format=json","purl":"pkg:deb/debian/bash@5.1-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-rc3z-84wf-pygu"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.1-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583051?format=json","purl":"pkg:deb/debian/bash@5.2.15-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.15-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583052?format=json","purl":"pkg:deb/debian/bash@5.2.37-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.2.37-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/583053?format=json","purl":"pkg:deb/debian/bash@5.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1102897?format=json","purl":"pkg:deb/debian/bash@5.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@5.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/71963?format=json","purl":"pkg:ebuild/app-shells/bash@4.2_p37","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-shells/bash@4.2_p37"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571512?format=json","purl":"pkg:deb/debian/bash@2.01.1-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4"},{"url":"http://public2.vulnerablecode.io/api/packages/571513?format=json","purl":"pkg:deb/debian/bash@2.01.1-4.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.01.1-4.1"},{"url":"http://public2.vulnerablecode.io/api/packages/571514?format=json","purl":"pkg:deb/debian/bash@2.03-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.03-6"},{"url":"http://public2.vulnerablecode.io/api/packages/571515?format=json","purl":"pkg:deb/debian/bash@2.05a-11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05a-11"},{"url":"http://public2.vulnerablecode.io/api/packages/571516?format=json","purl":"pkg:deb/debian/bash@2.05b-2-26","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@2.05b-2-26"},{"url":"http://public2.vulnerablecode.io/api/packages/571517?format=json","purl":"pkg:deb/debian/bash@3.1dfsg-8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.1dfsg-8"},{"url":"http://public2.vulnerablecode.io/api/packages/571518?format=json","purl":"pkg:deb/debian/bash@3.2-4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-twyf-cbfd-hka1"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@3.2-4"},{"url":"http://public2.vulnerablecode.io/api/packages/571519?format=json","purl":"pkg:deb/debian/bash@4.1-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3"},{"url":"http://public2.vulnerablecode.io/api/packages/571520?format=json","purl":"pkg:deb/debian/bash@4.1-3%2Bdeb6u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c4h-9zpn-kkd2"},{"vulnerability":"VCID-556k-17z3-auc2"},{"vulnerability":"VCID-az8z-jtp2-tyhj"},{"vulnerability":"VCID-ba3s-az62-fkdc"},{"vulnerability":"VCID-hvf8-a8kf-qqbq"},{"vulnerability":"VCID-hxgp-7aap-xqh6"},{"vulnerability":"VCID-jqym-yvag-qfcz"},{"vulnerability":"VCID-k9hm-bh92-qfan"},{"vulnerability":"VCID-m98m-wbj2-zbdk"},{"vulnerability":"VCID-nm4t-6dw6-vbby"},{"vulnerability":"VCID-sqj7-9htv-nbfn"},{"vulnerability":"VCID-up13-8aex-7qfy"},{"vulnerability":"VCID-yje9-sb3a-kubp"},{"vulnerability":"VCID-yz3v-qgsz-53ew"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/bash@4.1-3%252Bdeb6u2"}],"references":[{"reference_url":"ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-033","reference_id":"","reference_type":"","scores":[],"url":"ftp://ftp.gnu.org/pub/gnu/bash/bash-4.2-patches/bash42-033"},{"reference_url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3410.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3410.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3410","reference_id":"","reference_type":"","scores":[{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2424","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24354","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.2448","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24514","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24297","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24364","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24409","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24425","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24383","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24327","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24344","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24334","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24306","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24181","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24168","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24127","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24011","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24092","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24158","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24104","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24124","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24209","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-3410"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410"},{"reference_url":"http://secunia.com/advisories/51086","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51086"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201210-05.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201210-05.xml"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/77551","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/77551"},{"reference_url":"https://hermes.opensuse.org/messages/15227834","reference_id":"","reference_type":"","scores":[],"url":"https://hermes.opensuse.org/messages/15227834"},{"reference_url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:128","reference_id":"","reference_type":"","scores":[],"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2012:128"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/11/11","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/07/11/11"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/11/22","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/07/11/22"},{"reference_url":"http://www.openwall.com/lists/oss-security/2012/07/12/4","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2012/07/12/4"},{"reference_url":"http://www.securityfocus.com/bid/54937","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/54937"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278","reference_id":"681278","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=840091","reference_id":"840091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=840091"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnu:bash:4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3410","reference_id":"CVE-2012-3410","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-3410"},{"reference_url":"https://security.gentoo.org/glsa/201210-05","reference_id":"GLSA-201210-05","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201210-05"}],"weaknesses":[{"cwe_id":121,"name":"Stack-based Buffer Overflow","description":"A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function)."},{"cwe_id":119,"name":"Improper Restriction of Operations within the Bounds of a Memory Buffer","description":"The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer."}],"exploits":[],"severity_range_score":"4.6 - 4.6","exploitability":"0.5","weighted_severity":"4.1","risk_score":2.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m98m-wbj2-zbdk"}