{"id":"DSA-264","summary":"lxr - missing filename sanitizing","modified":"2026-03-09T01:19:49.556117Z","published":"2003-03-19T00:00:00Z","upstream":["CVE-2003-0156","DEBIAN-CVE-2003-0156"],"affected":[{"package":{"name":"lxr","ecosystem":"Debian:3.0","purl":"pkg:deb/debian/lxr?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.3-3"}]}],"database_specific":{"source":"https://storage.googleapis.com/debian-osv/dsa-osv/DSA-264.json"}}],"schema_version":"1.7.3"}