{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47175?format=json","vulnerability_id":"VCID-wgxn-vy57-pbhk","summary":"PuTTY contains a vulnerability allowing an SSH server to execute arbitrary\n    code on the connecting client.","aliases":[{"alias":"CVE-2004-1008"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/936048?format=json","purl":"pkg:deb/debian/putty@0.56-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.56-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936045?format=json","purl":"pkg:deb/debian/putty@0.74-1%2Bdeb11u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.74-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936043?format=json","purl":"pkg:deb/debian/putty@0.78-2%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.78-2%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/936046?format=json","purl":"pkg:deb/debian/putty@0.83-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/putty@0.83-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/76959?format=json","purl":"pkg:ebuild/net-misc/putty@0.56","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/putty@0.56"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/76958?format=json","purl":"pkg:ebuild/net-misc/putty@0.55","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wgxn-vy57-pbhk"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/net-misc/putty@0.55"}],"references":[{"reference_url":"http://marc.info/?l=bugtraq&m=109889312917613&w=2","reference_id":"","reference_type":"","scores":[],"url":"http://marc.info/?l=bugtraq&m=109889312917613&w=2"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1008","reference_id":"","reference_type":"","scores":[{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92783","published_at":"2026-05-15T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92662","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92669","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92675","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92685","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.9269","published_at":"2026-04-09T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92696","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92695","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92708","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92707","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92712","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92716","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.9271","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92719","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92733","published_at":"2026-05-07T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92744","published_at":"2026-05-09T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92748","published_at":"2026-05-11T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92753","published_at":"2026-05-12T12:55:00Z"},{"value":"0.09179","scoring_system":"epss","scoring_elements":"0.92777","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2004-1008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1008"},{"reference_url":"http://secunia.com/advisories/12987/","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/12987/"},{"reference_url":"http://secunia.com/advisories/13012/","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/13012/"},{"reference_url":"http://secunia.com/advisories/17214","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/17214"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17886","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/17886"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002414"},{"reference_url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416","reference_id":"","reference_type":"","scores":[],"url":"http://www-1.ibm.com/support/docview.wss?uid=ssg1S1002416"},{"reference_url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/","reference_id":"","reference_type":"","scores":[],"url":"http://www.chiark.greenend.org.uk/~sgtatham/putty/"},{"reference_url":"http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml","reference_id":"","reference_type":"","scores":[],"url":"http://www.gentoo.org/security/en/glsa/glsa-200410-29.xml"},{"reference_url":"http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true","reference_id":"","reference_type":"","scores":[],"url":"http://www.idefense.com/application/poi/display?id=155&type=vulnerabilities&flashstatus=true"},{"reference_url":"http://www.securityfocus.com/bid/11549","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/11549"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.48:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.49:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.50:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.51:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.52:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.53:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.53b:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.54:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:putty:putty:0.55:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tortoisecvs:tortoisecvs:1.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tortoisecvs:tortoisecvs:1.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tortoisecvs:tortoisecvs:1.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2004-1008","reference_id":"CVE-2004-1008","reference_type":"","scores":[{"value":"10.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:C/I:C/A:C"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2004-1008"},{"reference_url":"https://security.gentoo.org/glsa/200410-29","reference_id":"GLSA-200410-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200410-29"}],"weaknesses":[],"exploits":[],"severity_range_score":"10.0 - 10.0","exploitability":"0.5","weighted_severity":"9.0","risk_score":4.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wgxn-vy57-pbhk"}