{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47798?format=json","vulnerability_id":"VCID-sg7w-33jd-2yap","summary":"Multiple vulnerabilities have been found in libXfont, the worst of\n    which allow for local privilege escalation.","aliases":[{"alias":"CVE-2011-2895"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/929145?format=json","purl":"pkg:deb/debian/libxfont@1:1.4.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:1.4.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/571176?format=json","purl":"pkg:deb/debian/libxfont@1:1.4.5-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19c4-kwxh-kybw"},{"vulnerability":"VCID-2w1u-kcvp-rygj"},{"vulnerability":"VCID-3674-8j3b-xkee"},{"vulnerability":"VCID-5fjg-kuqy-ekbn"},{"vulnerability":"VCID-7sx8-amfh-wuh4"},{"vulnerability":"VCID-8kcf-9dwq-dybz"},{"vulnerability":"VCID-dmke-csaa-e3cr"},{"vulnerability":"VCID-vs3c-a2u9-bqge"},{"vulnerability":"VCID-xhfh-vnnu-6kgj"},{"vulnerability":"VCID-yduw-uqsw-g7b9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:1.4.5-5"},{"url":"http://public2.vulnerablecode.io/api/packages/929139?format=json","purl":"pkg:deb/debian/libxfont@1:2.0.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:2.0.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929137?format=json","purl":"pkg:deb/debian/libxfont@1:2.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:2.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/929140?format=json","purl":"pkg:deb/debian/libxfont@1:2.0.6-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:2.0.6-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/77247?format=json","purl":"pkg:ebuild/x11-libs/libXfont@1.4.7","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/x11-libs/libXfont@1.4.7"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/571171?format=json","purl":"pkg:deb/debian/libxfont@1:1.2.2-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19c4-kwxh-kybw"},{"vulnerability":"VCID-2w1u-kcvp-rygj"},{"vulnerability":"VCID-3674-8j3b-xkee"},{"vulnerability":"VCID-5fjg-kuqy-ekbn"},{"vulnerability":"VCID-7sx8-amfh-wuh4"},{"vulnerability":"VCID-8kcf-9dwq-dybz"},{"vulnerability":"VCID-9qnq-nhan-7ubj"},{"vulnerability":"VCID-dmke-csaa-e3cr"},{"vulnerability":"VCID-gty4-vgqp-6ufn"},{"vulnerability":"VCID-sg7w-33jd-2yap"},{"vulnerability":"VCID-vs3c-a2u9-bqge"},{"vulnerability":"VCID-xhfh-vnnu-6kgj"},{"vulnerability":"VCID-yduw-uqsw-g7b9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:1.2.2-2"},{"url":"http://public2.vulnerablecode.io/api/packages/571172?format=json","purl":"pkg:deb/debian/libxfont@1:1.2.2-2.etch1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19c4-kwxh-kybw"},{"vulnerability":"VCID-2w1u-kcvp-rygj"},{"vulnerability":"VCID-3674-8j3b-xkee"},{"vulnerability":"VCID-5fjg-kuqy-ekbn"},{"vulnerability":"VCID-7sx8-amfh-wuh4"},{"vulnerability":"VCID-8kcf-9dwq-dybz"},{"vulnerability":"VCID-9qnq-nhan-7ubj"},{"vulnerability":"VCID-dmke-csaa-e3cr"},{"vulnerability":"VCID-gty4-vgqp-6ufn"},{"vulnerability":"VCID-sg7w-33jd-2yap"},{"vulnerability":"VCID-vs3c-a2u9-bqge"},{"vulnerability":"VCID-xhfh-vnnu-6kgj"},{"vulnerability":"VCID-yduw-uqsw-g7b9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:1.2.2-2.etch1"},{"url":"http://public2.vulnerablecode.io/api/packages/571173?format=json","purl":"pkg:deb/debian/libxfont@1:1.3.3-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19c4-kwxh-kybw"},{"vulnerability":"VCID-2w1u-kcvp-rygj"},{"vulnerability":"VCID-3674-8j3b-xkee"},{"vulnerability":"VCID-5fjg-kuqy-ekbn"},{"vulnerability":"VCID-7sx8-amfh-wuh4"},{"vulnerability":"VCID-8kcf-9dwq-dybz"},{"vulnerability":"VCID-dmke-csaa-e3cr"},{"vulnerability":"VCID-sg7w-33jd-2yap"},{"vulnerability":"VCID-vs3c-a2u9-bqge"},{"vulnerability":"VCID-xhfh-vnnu-6kgj"},{"vulnerability":"VCID-yduw-uqsw-g7b9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:1.3.3-2"},{"url":"http://public2.vulnerablecode.io/api/packages/571174?format=json","purl":"pkg:deb/debian/libxfont@1:1.4.1-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19c4-kwxh-kybw"},{"vulnerability":"VCID-2w1u-kcvp-rygj"},{"vulnerability":"VCID-3674-8j3b-xkee"},{"vulnerability":"VCID-5fjg-kuqy-ekbn"},{"vulnerability":"VCID-7sx8-amfh-wuh4"},{"vulnerability":"VCID-8kcf-9dwq-dybz"},{"vulnerability":"VCID-dmke-csaa-e3cr"},{"vulnerability":"VCID-sg7w-33jd-2yap"},{"vulnerability":"VCID-vs3c-a2u9-bqge"},{"vulnerability":"VCID-xhfh-vnnu-6kgj"},{"vulnerability":"VCID-yduw-uqsw-g7b9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:1.4.1-5"},{"url":"http://public2.vulnerablecode.io/api/packages/571175?format=json","purl":"pkg:deb/debian/libxfont@1:1.4.1-5%2Bdeb6u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-19c4-kwxh-kybw"},{"vulnerability":"VCID-2w1u-kcvp-rygj"},{"vulnerability":"VCID-3674-8j3b-xkee"},{"vulnerability":"VCID-5fjg-kuqy-ekbn"},{"vulnerability":"VCID-7sx8-amfh-wuh4"},{"vulnerability":"VCID-8kcf-9dwq-dybz"},{"vulnerability":"VCID-dmke-csaa-e3cr"},{"vulnerability":"VCID-sg7w-33jd-2yap"},{"vulnerability":"VCID-vs3c-a2u9-bqge"},{"vulnerability":"VCID-xhfh-vnnu-6kgj"},{"vulnerability":"VCID-yduw-uqsw-g7b9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libxfont@1:1.4.1-5%252Bdeb6u1"},{"url":"http://public2.vulnerablecode.io/api/packages/126763?format=json","purl":"pkg:rpm/redhat/freetype@2.1.9-19?arch=el4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sg7w-33jd-2yap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/freetype@2.1.9-19%3Farch=el4"},{"url":"http://public2.vulnerablecode.io/api/packages/126761?format=json","purl":"pkg:rpm/redhat/libXfont@1.2.2-1.0.3?arch=el5_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sg7w-33jd-2yap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libXfont@1.2.2-1.0.3%3Farch=el5_6"},{"url":"http://public2.vulnerablecode.io/api/packages/126765?format=json","purl":"pkg:rpm/redhat/libXfont@1.2.2-1.0.4?arch=el5_7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sg7w-33jd-2yap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libXfont@1.2.2-1.0.4%3Farch=el5_7"},{"url":"http://public2.vulnerablecode.io/api/packages/126762?format=json","purl":"pkg:rpm/redhat/libXfont@1.4.1-2?arch=el6_1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sg7w-33jd-2yap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libXfont@1.4.1-2%3Farch=el6_1"},{"url":"http://public2.vulnerablecode.io/api/packages/126764?format=json","purl":"pkg:rpm/redhat/xorg-x11@6.8.2-1.EL?arch=69","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-sg7w-33jd-2yap"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/xorg-x11@6.8.2-1.EL%3Farch=69"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2895.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-2895.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2895","reference_id":"","reference_type":"","scores":[{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91431","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91437","published_at":"2026-04-02T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91447","published_at":"2026-04-04T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91455","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91467","published_at":"2026-04-08T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91474","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91479","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91482","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.9148","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91504","published_at":"2026-04-16T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91499","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91507","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91505","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91518","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91533","published_at":"2026-05-07T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91542","published_at":"2026-05-09T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.9154","published_at":"2026-05-11T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.9155","published_at":"2026-05-12T12:55:00Z"},{"value":"0.07018","scoring_system":"epss","scoring_elements":"0.91558","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2895"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=727624","reference_id":"727624","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=727624"},{"reference_url":"https://security.gentoo.org/glsa/201402-23","reference_id":"GLSA-201402-23","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201402-23"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1154","reference_id":"RHSA-2011:1154","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1154"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1155","reference_id":"RHSA-2011:1155","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1155"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1161","reference_id":"RHSA-2011:1161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2011:1834","reference_id":"RHSA-2011:1834","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2011:1834"},{"reference_url":"https://usn.ubuntu.com/1191-1/","reference_id":"USN-1191-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/1191-1/"}],"weaknesses":[],"exploits":[],"severity_range_score":null,"exploitability":"0.5","weighted_severity":"0.1","risk_score":0.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sg7w-33jd-2yap"}