Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035930?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035930?format=api", "purl": "pkg:deb/debian/poppler@0.4.5-5.1", "type": "deb", "namespace": "debian", "name": "poppler", "version": "0.4.5-5.1", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "25.03.0-11.1", "latest_non_vulnerable_version": "25.03.0-11.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87797?format=api", "vulnerability_id": "VCID-1j2u-8dqz-q3ad", "summary": "xpdf: XRef table parsing infinite loop", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0207.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63361", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63384", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63258", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6331", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63379", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63343", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63377", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0207" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0207" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2010-0207" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=583738", "reference_id": "583738", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=583738" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0207", "reference_id": "CVE-2010-0207", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0207" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-0207" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1j2u-8dqz-q3ad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57325?format=api", "vulnerability_id": "VCID-21p7-89u3-bydd", "summary": "Multiple vulnerabilities have been found in Poppler, allowing\n remote attackers to execute arbitrary code or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4474.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4474.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96174", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96182", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96189", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96193", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96202", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96206", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.9621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96209", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96211", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.9622", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96224", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96225", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4474" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024762", "reference_id": "1024762", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024762" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064", "reference_id": "729064", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38817.txt", "reference_id": "CVE-2013-4474;OSVDB-99066", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38817.txt" }, { "reference_url": "https://www.securityfocus.com/bid/63374/info", "reference_id": "CVE-2013-4474;OSVDB-99066", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/63374/info" }, { "reference_url": "https://security.gentoo.org/glsa/201401-21", "reference_id": "GLSA-201401-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-21" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035936?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2~bpo70%252B1" } ], "aliases": [ "CVE-2013-4474" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21p7-89u3-bydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83248?format=api", "vulnerability_id": "VCID-29b3-s5n9-5fd8", "summary": "poppler: out of bounds read in pdfunite", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-13988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70674", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70719", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70726", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.7471", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74717", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74731", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74755", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74734", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74681", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74685", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74684", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-13988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602838", "reference_id": "1602838", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602838" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922", "reference_id": "904922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3757-1/", "reference_id": "USN-3757-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3757-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-13988" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29b3-s5n9-5fd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82697?format=api", "vulnerability_id": "VCID-2ck3-hjtt-hbax", "summary": "poppler: pdftohtml: access to uninitialized pointer could lead to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51622", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51673", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51698", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51658", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51712", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51758", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51736", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51719", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.5176", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51767", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51747", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900712", "reference_id": "1900712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1881", "reference_id": "RHSA-2021:1881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1881" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2020-27778" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ck3-hjtt-hbax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31238?format=api", "vulnerability_id": "VCID-35b2-jj1x-rkcf", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3604.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3604", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91751", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.9176", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91766", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91792", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91795", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91797", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91793", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91812", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91805", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07495", "scoring_system": "epss", "scoring_elements": "0.91806", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3604" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911", "reference_id": "526911", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526911" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1500", "reference_id": "RHSA-2009:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1503", "reference_id": "RHSA-2009:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1512", "reference_id": "RHSA-2009:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1512" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-3604" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35b2-jj1x-rkcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31239?format=api", "vulnerability_id": "VCID-3eaw-7xrw-tkft", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3605.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3605.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3605", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.88942", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.8895", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.88966", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.88969", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.88987", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.88992", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.89004", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.89", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.88998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.89012", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.8901", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04392", "scoring_system": "epss", "scoring_elements": "0.89005", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3605" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3605" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840", "reference_id": "491840", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=491840" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-3605" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3eaw-7xrw-tkft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83989?format=api", "vulnerability_id": "VCID-3kw1-pxdk-27h4", "summary": "poppler: NULL pointer dereference in the SplashOutputDev::type3D0() function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36157", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36207", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36182", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36224", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36209", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49389", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49417", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4937", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49424", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49438", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49361", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14927" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500324", "reference_id": "1500324", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500324" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237", "reference_id": "877237", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14927", "reference_id": "CVE-2017-14927", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14927" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14927" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kw1-pxdk-27h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69077?format=api", "vulnerability_id": "VCID-3u3m-ru9u-buem", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73693", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73648", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.7364", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73684", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73622", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73594", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.7363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73643", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73666", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466442", "reference_id": "1466442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466442" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680", "reference_id": "865680", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680" }, { "reference_url": "https://security.archlinux.org/ASA-201706-33", "reference_id": "ASA-201706-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-33" }, { "reference_url": "https://security.archlinux.org/AVG-326", "reference_id": "AVG-326", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2551", "reference_id": "RHSA-2017:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2551" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9775" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3u3m-ru9u-buem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31247?format=api", "vulnerability_id": "VCID-4128-ep6n-hufz", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=39d140bfc0b8239bdd96d6a55842034ae5c05473" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3704.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3704.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3704", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80423", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80338", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80365", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80354", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80382", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80392", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80396", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80389", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.80418", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01395", "scoring_system": "epss", "scoring_elements": "0.8042", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3704" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3704" }, { "reference_url": "http://secunia.com/advisories/42141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42141" }, { "reference_url": "http://secunia.com/advisories/42357", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42357" }, { "reference_url": "http://secunia.com/advisories/42397", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42397" }, { "reference_url": "http://secunia.com/advisories/42691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42691" }, { "reference_url": "http://secunia.com/advisories/43079", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43079" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2119", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2010/dsa-2119" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2135", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2010/dsa-2135" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/10/04/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "reference_url": "http://www.securityfocus.com/bid/43841", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/43841" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1005-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2897", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2897" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0230", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0230" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165", "reference_id": "599165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960", "reference_id": "638960", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=638960" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.5a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.7a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.91a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.91b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.91c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92d:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.92e:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.93a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.93b:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:0.93c:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:1.00a:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:3.0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:3.02pl1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:3.02pl2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:foolabs:xpdf:3.02pl3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.80:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.92:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:0.93:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:1.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:1.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:2.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:2.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:2.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:2.03:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:3.00:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:3.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:glyphandcog:xpdfreader:3.02:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:kde:kdegraphics:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704", "reference_id": "CVE-2010-3704", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3704" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://security.gentoo.org/glsa/201402-17", "reference_id": "GLSA-201402-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0749", "reference_id": "RHSA-2010:0749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0751", "reference_id": "RHSA-2010:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0752", "reference_id": "RHSA-2010:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0753", "reference_id": "RHSA-2010:0753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0859", "reference_id": "RHSA-2010:0859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1201", "reference_id": "RHSA-2012:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1201" }, { "reference_url": "https://usn.ubuntu.com/1005-1/", "reference_id": "USN-1005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2010-3704" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4128-ep6n-hufz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69084?format=api", "vulnerability_id": "VCID-44yv-r4hg-17db", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44995", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45009", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45031", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44999", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45001", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45051", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45044", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44956", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51975", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14520" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494582", "reference_id": "1494582", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494582" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081", "reference_id": "876081", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14520", "reference_id": "CVE-2017-14520", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14520" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14520" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44yv-r4hg-17db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78166?format=api", "vulnerability_id": "VCID-48ua-ch85-w3cg", "summary": "poppler: Reachable assertion in Object.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05403", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05779", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05743", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05755", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05751", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0579", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05794", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282", "reference_id": "1282", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251630", "reference_id": "2251630", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251630" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28", "reference_id": "4564a002bcb6094cc460bc0d5ddff9423fe6dd28", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2022-38349" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48ua-ch85-w3cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31235?format=api", "vulnerability_id": "VCID-4jfu-4w71-g7bt", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1187.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1187.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1187", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97303", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97309", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97314", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97315", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97324", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97325", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97326", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97334", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97337", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.39915", "scoring_system": "epss", "scoring_elements": "0.97338", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1187" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1187" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495906", "reference_id": "495906", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1187" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4jfu-4w71-g7bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87796?format=api", "vulnerability_id": "VCID-4rx1-68jr-myac", "summary": "xpdf: Invalid pointer dereference by processing JBIG2 PDF stream objects", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0206.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0206.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63361", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63384", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63258", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6331", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63379", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63343", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63377", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0206" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0206" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2010-0206" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=580105", "reference_id": "580105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=580105" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0206", "reference_id": "CVE-2010-0206", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0206" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-0206" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rx1-68jr-myac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70459?format=api", "vulnerability_id": "VCID-4ucr-xaac-7uc7", "summary": "poppler: Floating-Point Exception in Poppler", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26434", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26252", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26371", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.2638", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26333", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26275", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26256", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26478", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26319", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29831", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190", "reference_id": "1102190", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574", "reference_id": "1574", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357657", "reference_id": "2357657", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357657" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3", "reference_id": "d87bc726c7cc98f8c26b60ece5f20236e9de1bc3", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3" }, { "reference_url": "https://usn.ubuntu.com/7426-1/", "reference_id": "USN-7426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-1/" }, { "reference_url": "https://usn.ubuntu.com/7426-2/", "reference_id": "USN-7426-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2025-32364" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ucr-xaac-7uc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31246?format=api", "vulnerability_id": "VCID-4yej-ag45-uuga", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=bf2055088a3a2d3bb3d3c37d464954ec1a25771f" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3703.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3703.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3703", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78249", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78164", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78173", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78185", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78212", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78217", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78243", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78226", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78222", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78254", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01118", "scoring_system": "epss", "scoring_elements": "0.78252", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3703" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3703" }, { "reference_url": "http://secunia.com/advisories/42357", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42357" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/10/04/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1005-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165", "reference_id": "599165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356", "reference_id": "639356", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=639356" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.12.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.13.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.14.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.8.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.9.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3703", "reference_id": "CVE-2010-3703", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3703" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0859", "reference_id": "RHSA-2010:0859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0859" }, { "reference_url": "https://usn.ubuntu.com/1005-1/", "reference_id": "USN-1005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2010-3703" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4yej-ag45-uuga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82120?format=api", "vulnerability_id": "VCID-5jej-esjt-uqak", "summary": "poppler: integer overflow in Parser::makeStream in Parser.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65047", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65161", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65131", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65167", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65177", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65097", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.6515", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65169", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65159", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753850", "reference_id": "1753850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753850" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21009", "reference_id": "CVE-2018-21009", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-21009" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jej-esjt-uqak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82426?format=api", "vulnerability_id": "VCID-5py7-z1gg-9fet", "summary": "poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83467", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.8348", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83493", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83518", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83527", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83542", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83536", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83532", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83566", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83567", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83568", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797453", "reference_id": "1797453", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797453" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812", "reference_id": "933812", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3977", "reference_id": "RHSA-2020:3977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4643", "reference_id": "RHSA-2020:4643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4643" }, { "reference_url": "https://usn.ubuntu.com/4091-1/", "reference_id": "USN-4091-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4091-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-14494" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5py7-z1gg-9fet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31227?format=api", "vulnerability_id": "VCID-65sa-tagy-3ybs", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0799.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0799.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0799", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76544", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76549", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76558", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.7659", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76601", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76628", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76598", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76639", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76643", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00968", "scoring_system": "epss", "scoring_elements": "0.76631", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0799" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495886", "reference_id": "495886", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495886" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-0799" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-65sa-tagy-3ybs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31233?format=api", "vulnerability_id": "VCID-68rw-a4ah-5khm", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1182.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1182.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1182", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91487", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91493", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.915", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91508", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91521", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91527", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91533", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91531", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91554", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07101", "scoring_system": "epss", "scoring_elements": "0.91549", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1182" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1182" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896", "reference_id": "495896", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495896" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1182" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-68rw-a4ah-5khm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31254?format=api", "vulnerability_id": "VCID-6b75-d741-vufk", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91" }, { "reference_url": "http://j00ru.vexillium.org/?p=1507", "reference_id": "", "reference_type": "", "scores": [], "url": "http://j00ru.vexillium.org/?p=1507" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1790.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86091", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86012", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86023", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86039", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86059", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86069", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86083", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.8608", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86076", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86093", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86098", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790" }, { "reference_url": "http://secunia.com/advisories/52846", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/52846" }, { "reference_url": "http://ubuntu.com/usn/usn-1785-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-1785-1" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2719", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2719" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:143" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/28/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/02/28/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/28/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/02/28/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071", "reference_id": "702071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=917111", "reference_id": "917111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917111" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1790", "reference_id": "CVE-2013-1790", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1790" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/1785-1/", "reference_id": "USN-1785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1785-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2013-1790" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6b75-d741-vufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31237?format=api", "vulnerability_id": "VCID-6dwz-8kx9-rugr", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3603.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90877", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90882", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90892", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90902", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90913", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.9092", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90928", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90929", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90952", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.9095", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06276", "scoring_system": "epss", "scoring_elements": "0.90951", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3603" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915", "reference_id": "526915", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526915" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1504", "reference_id": "RHSA-2009:1504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1504" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-3603" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6dwz-8kx9-rugr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56452?format=api", "vulnerability_id": "VCID-6wa8-zfbz-hqcg", "summary": "Multiple vulnerabilities in Xpdf could result in execution of\n arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4035.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-4035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.8513", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85142", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85159", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85161", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85183", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85191", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85206", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85203", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.852", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85221", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0245", "scoring_system": "epss", "scoring_elements": "0.85223", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4035" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614", "reference_id": "541614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=541614" }, { "reference_url": "https://security.gentoo.org/glsa/201402-17", "reference_id": "GLSA-201402-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1680", "reference_id": "RHSA-2009:1680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1681", "reference_id": "RHSA-2009:1681", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1681" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1682", "reference_id": "RHSA-2009:1682", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1682" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035932?format=api", "purl": "pkg:deb/debian/poppler@0.8.7-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-35b2-jj1x-rkcf" }, { "vulnerability": "VCID-3eaw-7xrw-tkft" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-4128-ep6n-hufz" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4jfu-4w71-g7bt" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-4yej-ag45-uuga" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-65sa-tagy-3ybs" }, { "vulnerability": "VCID-68rw-a4ah-5khm" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-6dwz-8kx9-rugr" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8nj9-hqay-dfdj" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-ctb2-8h4y-vybd" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dgb8-nes9-8fb7" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gbm8-vcwy-u3g2" }, { "vulnerability": "VCID-gbuy-ru9c-h3en" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jvuz-2phs-87du" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-neqs-cg1p-7bb7" }, { "vulnerability": "VCID-ng15-dzek-kyda" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-rm6a-c4rf-f7hc" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-uczb-yext-6yfq" }, { "vulnerability": "VCID-uny2-k19n-1bb2" }, { "vulnerability": "VCID-v15u-sguq-skg9" }, { "vulnerability": "VCID-vudr-8rrg-hufx" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-xddx-numk-a7bn" }, { "vulnerability": "VCID-ynvq-nzrq-9bca" }, { "vulnerability": "VCID-yu46-ypr2-dfce" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zr8n-mfu1-4yg4" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.8.7-4" } ], "aliases": [ "CVE-2009-4035" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wa8-zfbz-hqcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79174?format=api", "vulnerability_id": "VCID-72nw-9jgd-4kdw", "summary": "poppler: abort in main() in pdfunite.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37051", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13629", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1369", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1349", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13571", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13593", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13508", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1342", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13416", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13489", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234528", "reference_id": "2234528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234528" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2022-37051" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72nw-9jgd-4kdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82919?format=api", "vulnerability_id": "VCID-74sz-r8kq-qkd5", "summary": "poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54012", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54117", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54094", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54133", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54137", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.5403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54033", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54085", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54083", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54129", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54111", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/703", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/703" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665259", "reference_id": "1665259", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665259" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525", "reference_id": "917525", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20551", "reference_id": "CVE-2018-20551", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3886-1/", "reference_id": "USN-3886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3886-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-20551" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-74sz-r8kq-qkd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83988?format=api", "vulnerability_id": "VCID-7n47-6efe-eybd", "summary": "poppler: NULL pointer dereference in the AnnotRichMedia::Content::Content", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38591", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3867", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38643", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38691", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38669", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52433", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52486", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52531", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52395", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14926" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500323", "reference_id": "1500323", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500323" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239", "reference_id": "877239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14926", "reference_id": "CVE-2017-14926", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14926" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14926" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7n47-6efe-eybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82739?format=api", "vulnerability_id": "VCID-7p5r-eqxs-tugv", "summary": "poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84271", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84364", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.8436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84361", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84284", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84304", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84342", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/736" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686802", "reference_id": "1686802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686802" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673", "reference_id": "926673", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9631", "reference_id": "CVE-2019-9631", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-9631" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7p5r-eqxs-tugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31244?format=api", "vulnerability_id": "VCID-8nj9-hqay-dfdj", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3938.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87454", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87464", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87478", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.8748", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.875", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87506", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87512", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87509", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87524", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03449", "scoring_system": "epss", "scoring_elements": "0.87525", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3938" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680", "reference_id": "534680", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534680" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=537471", "reference_id": "537471", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=537471" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-3938" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8nj9-hqay-dfdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82724?format=api", "vulnerability_id": "VCID-8t2a-b56v-tqcs", "summary": "poppler: stack consumption in function Dict::find() in Dict.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72654", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72751", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72748", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72759", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72662", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72679", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72657", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72696", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72709", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72733", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72716", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/741" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/" }, { "reference_url": "https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/" }, { "reference_url": "http://www.securityfocus.com/bid/107560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107560" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691724", "reference_id": "1691724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691724" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264", "reference_id": "925264", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9903", "reference_id": "CVE-2019-9903", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-9903" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8t2a-b56v-tqcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82664?format=api", "vulnerability_id": "VCID-96jm-1vhy-eyfd", "summary": "poppler: infinite recursion in function FontInfoScanner::scanFonts in FontInfo.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66509", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66615", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.6658", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66616", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66631", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66549", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66574", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66546", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66593", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66607", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66626", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66614", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/752" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/" }, { "reference_url": "https://research.loginsoft.com/bugs/1508/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://research.loginsoft.com/bugs/1508/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699862", "reference_id": "1699862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699862" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721", "reference_id": "926721", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11026", "reference_id": "CVE-2019-11026", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11026" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-11026" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-96jm-1vhy-eyfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93950?format=api", "vulnerability_id": "VCID-9hnb-h64u-zkev", "summary": "In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52505", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52506", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52513", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52519", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52455", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52888", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52882", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52933", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52862", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12957" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035936?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2~bpo70%252B1" } ], "aliases": [ "CVE-2019-12957" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hnb-h64u-zkev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31251?format=api", "vulnerability_id": "VCID-9yxn-jhqm-hbhv", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888" }, { "reference_url": "http://j00ru.vexillium.org/?p=1507", "reference_id": "", "reference_type": "", "scores": [], "url": "http://j00ru.vexillium.org/?p=1507" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1788.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88668", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88605", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88614", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.8863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88631", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.8865", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88654", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88667", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.8866", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88673", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.8867", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788" }, { "reference_url": "http://secunia.com/advisories/52846", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/52846" }, { "reference_url": "http://ubuntu.com/usn/usn-1785-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-1785-1" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2719", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2719" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:143" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/28/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/02/28/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/28/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/02/28/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071", "reference_id": "702071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=917108", "reference_id": "917108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917108" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1788", "reference_id": "CVE-2013-1788", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1788" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/1785-1/", "reference_id": "USN-1785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1785-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2013-1788" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9yxn-jhqm-hbhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78187?format=api", "vulnerability_id": "VCID-bc96-6vy6-ryfz", "summary": "poppler: Stack-Overflow in `FoFiType1C::cvtGlyph`", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20984", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21138", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20935", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20968", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20956", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20955", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21193", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20906", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20987", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21048", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21064", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2102", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013", "reference_id": "1013", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231510", "reference_id": "2231510", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231510" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html" }, { "reference_url": "https://usn.ubuntu.com/6299-1/", "reference_id": "USN-6299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2020-36023" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bc96-6vy6-ryfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56083?format=api", "vulnerability_id": "VCID-bvmu-gq2p-jygf", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.54933", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55083", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55101", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55105", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55038", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55063", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55088", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.551", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.5508", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456827", "reference_id": "1456827", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456827" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759", "reference_id": "863759", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-7511" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvmu-gq2p-jygf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79177?format=api", "vulnerability_id": "VCID-c4wz-u632-eyeh", "summary": "poppler: abort in PDFDoc::savePageAs in PDFDoc.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19984", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19799", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19849", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19903", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19869", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19811", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19783", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19786", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19769", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274", "reference_id": "1274", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234527", "reference_id": "2234527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234527" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990", "reference_id": "dcd5bd8238ea448addd102ff045badd0aca1b990", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2022-37050" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4wz-u632-eyeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57324?format=api", "vulnerability_id": "VCID-cf6h-786m-rkds", "summary": "Multiple vulnerabilities have been found in Poppler, allowing\n remote attackers to execute arbitrary code or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4473.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4473.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84583", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84597", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84618", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.8462", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84641", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84666", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84661", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84656", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84677", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84678", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84679", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4473" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024753", "reference_id": "1024753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024753" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064", "reference_id": "729064", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064" }, { "reference_url": "https://security.gentoo.org/glsa/201401-21", "reference_id": "GLSA-201401-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-21" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035936?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2~bpo70%252B1" } ], "aliases": [ "CVE-2013-4473" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cf6h-786m-rkds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82344?format=api", "vulnerability_id": "VCID-crcj-9bh9-7kb7", "summary": "poppler: integer overflow in JPXStream::init function leading to memory consumption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9959", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.80977", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.80986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81009", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81008", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81036", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81043", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.8106", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81039", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81077", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81075", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732340", "reference_id": "1732340", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732340" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776", "reference_id": "941776", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-9959" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-crcj-9bh9-7kb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69081?format=api", "vulnerability_id": "VCID-csqv-t3cr-4uap", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45896", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45897", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45904", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45956", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.4595", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61372", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61401", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6137", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61417", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61433", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61454", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61293", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14517" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "http://www.securityfocus.com/bid/105050", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/105050" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499162", "reference_id": "1499162", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499162" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079", "reference_id": "876079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14517", "reference_id": "CVE-2017-14517", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14517" }, { "reference_url": "https://usn.ubuntu.com/3433-1/", "reference_id": "USN-3433-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3433-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14517" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csqv-t3cr-4uap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31225?format=api", "vulnerability_id": "VCID-ctb2-8h4y-vybd", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0166.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0166.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0166", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.8988", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89895", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.899", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89916", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89922", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89927", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.8992", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89934", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89936", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0519", "scoring_system": "epss", "scoring_elements": "0.89931", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0166" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625", "reference_id": "490625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490625" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/200904-20", "reference_id": "GLSA-200904-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200904-20" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-0166" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ctb2-8h4y-vybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82912?format=api", "vulnerability_id": "VCID-cwyp-gapg-yufk", "summary": "poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57699", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57812", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57808", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57836", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57803", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57834", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57851", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57829", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20650" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/704" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html" }, { "reference_url": "http://www.securityfocus.com/bid/106459", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106459" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665263", "reference_id": "1665263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665263" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974", "reference_id": "917974", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20650", "reference_id": "CVE-2018-20650", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3865-1/", "reference_id": "USN-3865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3865-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-20650" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwyp-gapg-yufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70458?format=api", "vulnerability_id": "VCID-d5fj-5prg-97f4", "summary": "poppler: Out-of-Bounds Read in Poppler", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23385", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23484", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23446", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23391", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23408", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23403", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23561", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23416", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23466", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191", "reference_id": "1102191", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577", "reference_id": "1577", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792", "reference_id": "1792", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357656", "reference_id": "2357656", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0126", "reference_id": "RHSA-2026:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0128", "reference_id": "RHSA-2026:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0130", "reference_id": "RHSA-2026:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0772", "reference_id": "RHSA-2026:0772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0773", "reference_id": "RHSA-2026:0773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0774", "reference_id": "RHSA-2026:0774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0795", "reference_id": "RHSA-2026:0795", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0795" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0796", "reference_id": "RHSA-2026:0796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0797", "reference_id": "RHSA-2026:0797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0799", "reference_id": "RHSA-2026:0799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1090", "reference_id": "RHSA-2026:1090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1091", "reference_id": "RHSA-2026:1091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1091" }, { "reference_url": "https://usn.ubuntu.com/7426-1/", "reference_id": "USN-7426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-1/" }, { "reference_url": "https://usn.ubuntu.com/7426-2/", "reference_id": "USN-7426-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2025-32365" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5fj-5prg-97f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31223?format=api", "vulnerability_id": "VCID-dgb8-nes9-8fb7", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0147.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0147.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0147", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.84926", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.8494", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.84959", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.84963", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.84986", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.84993", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.85008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.85006", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.85003", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.85024", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.85026", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02384", "scoring_system": "epss", "scoring_elements": "0.85023", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0147" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0147" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614", "reference_id": "490614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490614" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/200904-20", "reference_id": "GLSA-200904-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200904-20" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-0147" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgb8-nes9-8fb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82678?format=api", "vulnerability_id": "VCID-dh3p-2g4s-wke6", "summary": "poppler: heap-based buffer over-read in function Splash::blitTransparent in splash/Splash.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76097", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76184", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76156", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76198", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.761", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76132", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76112", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76145", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76158", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76183", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76159", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/750" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/" }, { "reference_url": "http://www.securityfocus.com/bid/107862", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696638", "reference_id": "1696638", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696638" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530", "reference_id": "926530", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10872", "reference_id": "CVE-2019-10872", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10872" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-10872" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dh3p-2g4s-wke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48283?format=api", "vulnerability_id": "VCID-dn3b-smm9-63eb", "summary": "Poppler does not handle fonts inside PDF files safely, allowing for\n execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1693.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.9181", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91818", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91824", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91844", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.9185", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91851", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91871", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91867", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.07598", "scoring_system": "epss", "scoring_elements": "0.91865", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1693" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=441722", "reference_id": "441722", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=441722" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842", "reference_id": "476842", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=476842" }, { "reference_url": "https://security.gentoo.org/glsa/200804-18", "reference_id": "GLSA-200804-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200804-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0238", "reference_id": "RHSA-2008:0238", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0238" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0239", "reference_id": "RHSA-2008:0239", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0239" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0240", "reference_id": "RHSA-2008:0240", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0240" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2008:0262", "reference_id": "RHSA-2008:0262", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2008:0262" }, { "reference_url": "https://usn.ubuntu.com/603-1/", "reference_id": "USN-603-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/603-1/" }, { "reference_url": "https://usn.ubuntu.com/603-2/", "reference_id": "USN-603-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/603-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035932?format=api", "purl": "pkg:deb/debian/poppler@0.8.7-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-35b2-jj1x-rkcf" }, { "vulnerability": "VCID-3eaw-7xrw-tkft" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-4128-ep6n-hufz" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4jfu-4w71-g7bt" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-4yej-ag45-uuga" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-65sa-tagy-3ybs" }, { "vulnerability": "VCID-68rw-a4ah-5khm" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-6dwz-8kx9-rugr" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8nj9-hqay-dfdj" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-ctb2-8h4y-vybd" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dgb8-nes9-8fb7" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gbm8-vcwy-u3g2" }, { "vulnerability": "VCID-gbuy-ru9c-h3en" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jvuz-2phs-87du" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-neqs-cg1p-7bb7" }, { "vulnerability": "VCID-ng15-dzek-kyda" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-rm6a-c4rf-f7hc" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-uczb-yext-6yfq" }, { "vulnerability": "VCID-uny2-k19n-1bb2" }, { "vulnerability": "VCID-v15u-sguq-skg9" }, { "vulnerability": "VCID-vudr-8rrg-hufx" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-xddx-numk-a7bn" }, { "vulnerability": "VCID-ynvq-nzrq-9bca" }, { "vulnerability": "VCID-yu46-ypr2-dfce" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zr8n-mfu1-4yg4" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.8.7-4" } ], "aliases": [ "CVE-2008-1693" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dn3b-smm9-63eb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87913?format=api", "vulnerability_id": "VCID-e6c9-n7zk-3bfz", "summary": "poppler: heap based buffer overflow in DCTStream.cc", "references": [ { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071d800cb4329a3ccf898d7bf16b4db7323ad8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071d800cb4329a3ccf898d7bf16b4db7323ad8" }, { "reference_url": "http://comments.gmane.org/gmane.comp.security.oss.general/11132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://comments.gmane.org/gmane.comp.security.oss.general/11132" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5110.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5110.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73678", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73583", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73624", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73637", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.7366", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73677", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73686", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5110" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=26280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=26280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110" }, { "reference_url": "http://secunia.com/advisories/59857", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59857" }, { "reference_url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140817-1.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140817-1.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=647377", "reference_id": "647377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=647377" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722705", "reference_id": "722705", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722705" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-5110", "reference_id": "CVE-2010-5110", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-5110" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-5110" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6c9-n7zk-3bfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93941?format=api", "vulnerability_id": "VCID-ebyg-yhza-wkaq", "summary": "A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52858", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52749", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52773", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52799", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52818", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52811", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52862", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52846", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.5283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52867", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52874", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" } ], "aliases": [ "CVE-2019-12493" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebyg-yhza-wkaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81122?format=api", "vulnerability_id": "VCID-enu8-gjre-fbap", "summary": "poppler: uncontrolled recursion in pdfinfo and pdftops", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49843", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.4988", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49859", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49913", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49906", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49897", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49898", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49944", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49917", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234526", "reference_id": "2234526", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234526" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2020-23804" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-enu8-gjre-fbap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60453?format=api", "vulnerability_id": "VCID-ervb-318m-tygv", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.7795", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78034", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78007", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78041", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77957", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77967", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77994", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78026", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14975" }, { "reference_url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102653" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500343", "reference_id": "1500343", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500343" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957", "reference_id": "877957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14975", "reference_id": "CVE-2017-14975", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14975" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14975" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ervb-318m-tygv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83020?format=api", "vulnerability_id": "VCID-ervj-1sdg-b3bm", "summary": "poppler: pdfdetach utility does not validate save paths", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35073", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35301", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35227", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35252", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35256", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35221", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35235", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35172", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649450", "reference_id": "1649450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182", "reference_id": "913182", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19060" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ervj-1sdg-b3bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60455?format=api", "vulnerability_id": "VCID-ex2h-ahg3-s7b9", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.7795", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78034", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78007", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78041", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77957", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77967", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77994", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78026", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14977" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=103045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=103045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500344", "reference_id": "1500344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500344" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952", "reference_id": "877952", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14977", "reference_id": "CVE-2017-14977", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14977" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14977" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ex2h-ahg3-s7b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34873?format=api", "vulnerability_id": "VCID-fct6-695j-t7bs", "summary": "PDFKit and ImageKits are vulnerable to an integer overflow and a stack\n overflow allowing for the user-assisted execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3387.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-3387.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3387", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92529", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92534", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92541", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92544", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92554", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92559", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92565", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92566", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92577", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92576", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08892", "scoring_system": "epss", "scoring_elements": "0.92579", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-3387" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3387" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=248194", "reference_id": "248194", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=248194" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435460", "reference_id": "435460", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435460" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435462", "reference_id": "435462", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=435462" }, { "reference_url": "https://security.gentoo.org/glsa/200709-12", "reference_id": "GLSA-200709-12", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200709-12" }, { "reference_url": "https://security.gentoo.org/glsa/200709-17", "reference_id": "GLSA-200709-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200709-17" }, { "reference_url": "https://security.gentoo.org/glsa/200710-08", "reference_id": "GLSA-200710-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-08" }, { "reference_url": "https://security.gentoo.org/glsa/200710-20", "reference_id": "GLSA-200710-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200710-20" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0720", "reference_id": "RHSA-2007:0720", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0720" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0729", "reference_id": "RHSA-2007:0729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0730", "reference_id": "RHSA-2007:0730", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0730" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0731", "reference_id": "RHSA-2007:0731", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0731" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0732", "reference_id": "RHSA-2007:0732", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0732" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:0735", "reference_id": "RHSA-2007:0735", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:0735" }, { "reference_url": "https://usn.ubuntu.com/496-1/", "reference_id": "USN-496-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/496-1/" }, { "reference_url": "https://usn.ubuntu.com/496-2/", "reference_id": "USN-496-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/496-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035932?format=api", "purl": "pkg:deb/debian/poppler@0.8.7-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-35b2-jj1x-rkcf" }, { "vulnerability": "VCID-3eaw-7xrw-tkft" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-4128-ep6n-hufz" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4jfu-4w71-g7bt" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-4yej-ag45-uuga" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-65sa-tagy-3ybs" }, { "vulnerability": "VCID-68rw-a4ah-5khm" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-6dwz-8kx9-rugr" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8nj9-hqay-dfdj" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-ctb2-8h4y-vybd" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dgb8-nes9-8fb7" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gbm8-vcwy-u3g2" }, { "vulnerability": "VCID-gbuy-ru9c-h3en" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jvuz-2phs-87du" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-neqs-cg1p-7bb7" }, { "vulnerability": "VCID-ng15-dzek-kyda" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-rm6a-c4rf-f7hc" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-uczb-yext-6yfq" }, { "vulnerability": "VCID-uny2-k19n-1bb2" }, { "vulnerability": "VCID-v15u-sguq-skg9" }, { "vulnerability": "VCID-vudr-8rrg-hufx" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-xddx-numk-a7bn" }, { "vulnerability": "VCID-ynvq-nzrq-9bca" }, { "vulnerability": "VCID-yu46-ypr2-dfce" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zr8n-mfu1-4yg4" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.8.7-4" } ], "aliases": [ "CVE-2007-3387" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fct6-695j-t7bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31230?format=api", "vulnerability_id": "VCID-gbm8-vcwy-u3g2", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1179.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1179.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96426", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96437", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.9644", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96449", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96452", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96456", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96457", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96459", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96466", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.9647", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.27841", "scoring_system": "epss", "scoring_elements": "0.96473", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1179" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889", "reference_id": "495889", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495889" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1179" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gbm8-vcwy-u3g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88236?format=api", "vulnerability_id": "VCID-gbuy-ru9c-h3en", "summary": "poppler/evince: DoS via crafted PDF file", "references": [ { "reference_url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19790" }, { "reference_url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004406.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0755.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0755.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0755", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95956", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95901", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95909", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95917", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95921", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95929", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95933", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95936", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95938", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95949", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.23185", "scoring_system": "epss", "scoring_elements": "0.95954", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0755" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0755" }, { "reference_url": "http://secunia.com/advisories/33853", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33853" }, { "reference_url": "http://secunia.com/advisories/35685", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35685" }, { "reference_url": "http://secunia.com/advisories/37114", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/37114" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "reference_url": "http://www.debian.org/security/2009/dsa-1941", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2009/dsa-1941" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/02/13/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/02/19/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "reference_url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/33749", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/33749" }, { "reference_url": "http://www.ubuntu.com/usn/USN-850-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-850-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=488337", "reference_id": "488337", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488337" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518478", "reference_id": "518478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518478" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0755", "reference_id": "CVE-2009-0755", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0755" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32800.txt", "reference_id": "CVE-2009-0756;OSVDB-51914;CVE-2009-0755", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/32800.txt" }, { "reference_url": "https://www.securityfocus.com/bid/33749/info", "reference_id": "CVE-2009-0756;OSVDB-51914;CVE-2009-0755", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/33749/info" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-0755" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gbuy-ru9c-h3en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31248?format=api", "vulnerability_id": "VCID-gc6w-tctk-nycd", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/cve-2010-4653" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73766", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73775", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73677", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73709", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73717", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73729", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73724", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73767", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4653" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201310-03.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2010-4653" }, { "reference_url": "http://www.securityfocus.com/bid/45948", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/45948" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=672165", "reference_id": "672165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=672165" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4653", "reference_id": "CVE-2010-4653", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4653" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-4653" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gc6w-tctk-nycd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82511?format=api", "vulnerability_id": "VCID-gfxh-3er7-zyam", "summary": "xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57463", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57547", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57568", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57543", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57596", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.576", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57615", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57595", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57573", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57602", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57599", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57578", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850876", "reference_id": "1850876", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850876" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" } ], "aliases": [ "CVE-2019-12360" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfxh-3er7-zyam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56087?format=api", "vulnerability_id": "VCID-gt34-muf6-abc7", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73288", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73383", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73381", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73389", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73297", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73321", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73329", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73342", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73366", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73346", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73338", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466435", "reference_id": "1466435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466435" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477", "reference_id": "867477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9865" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gt34-muf6-abc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69082?format=api", "vulnerability_id": "VCID-h1ka-xthk-rug9", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50652", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.5064", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50625", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50667", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50673", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57322", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57345", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57372", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57374", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.5739", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.5724", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14518" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499163", "reference_id": "1499163", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499163" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082", "reference_id": "876082", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14518", "reference_id": "CVE-2017-14518", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14518" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14518" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h1ka-xthk-rug9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49987?format=api", "vulnerability_id": "VCID-h3q1-dbx2-hubv", "summary": "A vulnerability has been discovered in Poppler which could allow for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24506", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24499", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24652", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24689", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24461", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24531", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24591", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24547", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26228", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971", "reference_id": "1018971", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124527", "reference_id": "2124527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124527" }, { "reference_url": "https://security.archlinux.org/AVG-2812", "reference_id": "AVG-2812", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2812" }, { "reference_url": "https://security.gentoo.org/glsa/202209-21", "reference_id": "GLSA-202209-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2259", "reference_id": "RHSA-2023:2259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2810", "reference_id": "RHSA-2023:2810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2810" }, { "reference_url": "https://usn.ubuntu.com/5606-1/", "reference_id": "USN-5606-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5606-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2022-38784" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h3q1-dbx2-hubv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83934?format=api", "vulnerability_id": "VCID-hf11-8tk1-5kc4", "summary": "poppler: Memory corruption via Gfx.cc infinite loop", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41069", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41145", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41142", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64671", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64677", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64642", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64629", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14929" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4097" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499167", "reference_id": "1499167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499167" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222", "reference_id": "877222", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14929", "reference_id": "CVE-2017-14929", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14929" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14929" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hf11-8tk1-5kc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82927?format=api", "vulnerability_id": "VCID-hmbq-4c5b-ukd7", "summary": "poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78778", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.7885", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78828", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78856", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78853", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78799", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78825", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78837", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/692" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "http://www.securityfocus.com/bid/106321", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106321" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665266", "reference_id": "1665266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665266" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325", "reference_id": "917325", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20481", "reference_id": "CVE-2018-20481", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3865-1/", "reference_id": "USN-3865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3865-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-20481" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmbq-4c5b-ukd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83958?format=api", "vulnerability_id": "VCID-hszt-6bxr-syfe", "summary": "poppler: Floating point exception in the ImageStream class", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66908", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67011", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67014", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66983", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67016", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67031", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66946", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66972", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67008", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67028", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14617" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499905", "reference_id": "1499905", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499905" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385", "reference_id": "876385", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14617", "reference_id": "CVE-2017-14617", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14617" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14617" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hszt-6bxr-syfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84282?format=api", "vulnerability_id": "VCID-jauh-5qga-hucw", "summary": "poppler: Stack exhaustion due to infinite recursive call in pdfunite", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44077", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44113", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44193", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44184", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44164", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44095", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44146", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44149", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44165", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44132", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459066", "reference_id": "1459066", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459066" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-7515" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jauh-5qga-hucw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82909?format=api", "vulnerability_id": "VCID-jc37-xtrj-p3cm", "summary": "poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69132", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69198", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69237", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69245", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69148", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69169", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.6915", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69218", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.6924", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69226", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/706" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665273", "reference_id": "1665273", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665273" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158", "reference_id": "918158", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20662", "reference_id": "CVE-2018-20662", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-20662" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jc37-xtrj-p3cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56085?format=api", "vulnerability_id": "VCID-jd42-3thk-rqhr", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77441", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77524", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77534", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77531", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77453", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77482", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77495", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458701", "reference_id": "1458701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458701" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010", "reference_id": "864010", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9406" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jd42-3thk-rqhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31231?format=api", "vulnerability_id": "VCID-jvuz-2phs-87du", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1180.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1180.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92498", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92504", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92512", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92514", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92526", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.9253", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92537", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92538", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92547", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08831", "scoring_system": "epss", "scoring_elements": "0.92549", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1180" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892", "reference_id": "495892", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495892" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1180" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvuz-2phs-87du" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60452?format=api", "vulnerability_id": "VCID-jw5j-xk5g-v3b1", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72411", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72497", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72457", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72499", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72508", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72449", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72467", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000456" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=103116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=103116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4097" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531382", "reference_id": "1531382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531382" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000456", "reference_id": "CVE-2017-1000456", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000456" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3517-1/", "reference_id": "USN-3517-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3517-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-1000456" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jw5j-xk5g-v3b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82698?format=api", "vulnerability_id": "VCID-k1uz-1eqt-pbc6", "summary": "poppler: buffer overflow in HtmlOutputDev::page", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-18839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39864", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40012", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39919", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40028", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39999", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40038", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39958", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40011", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40025", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40035", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39998", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39978", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-18839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234524", "reference_id": "2234524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234524" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/742", "reference_id": "742", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:29:54Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2020-18839" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1uz-1eqt-pbc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60454?format=api", "vulnerability_id": "VCID-kf69-av43-wffs", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77912", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77997", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77987", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.7797", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77969", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.78004", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77919", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77946", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77929", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77956", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.7796", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14976" }, { "reference_url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102724" }, { "reference_url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500345", "reference_id": "1500345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500345" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954", "reference_id": "877954", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14976", "reference_id": "CVE-2017-14976", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14976" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3517-1/", "reference_id": "USN-3517-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3517-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14976" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kf69-av43-wffs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61422?format=api", "vulnerability_id": "VCID-kgk7-hqby-wkez", "summary": "Poppler and various KDE components are vulnerable to multiple memory\n management issues possibly resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4352.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-4352.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4352", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.9618", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96188", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96196", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96199", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96209", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96212", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96217", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96216", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96218", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96226", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96231", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.25469", "scoring_system": "epss", "scoring_elements": "0.96232", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-4352" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4352" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=345101", "reference_id": "345101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=345101" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628", "reference_id": "450628", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629", "reference_id": "450629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629" }, { "reference_url": "https://security.gentoo.org/glsa/200711-22", "reference_id": "GLSA-200711-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1021", "reference_id": "RHSA-2007:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1022", "reference_id": "RHSA-2007:1022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1024", "reference_id": "RHSA-2007:1024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1025", "reference_id": "RHSA-2007:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1026", "reference_id": "RHSA-2007:1026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1027", "reference_id": "RHSA-2007:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1029", "reference_id": "RHSA-2007:1029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1030", "reference_id": "RHSA-2007:1030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1030" }, { "reference_url": "https://usn.ubuntu.com/542-1/", "reference_id": "USN-542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-1/" }, { "reference_url": "https://usn.ubuntu.com/542-2/", "reference_id": "USN-542-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035932?format=api", "purl": "pkg:deb/debian/poppler@0.8.7-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-35b2-jj1x-rkcf" }, { "vulnerability": "VCID-3eaw-7xrw-tkft" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-4128-ep6n-hufz" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4jfu-4w71-g7bt" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-4yej-ag45-uuga" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-65sa-tagy-3ybs" }, { "vulnerability": "VCID-68rw-a4ah-5khm" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-6dwz-8kx9-rugr" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8nj9-hqay-dfdj" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-ctb2-8h4y-vybd" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dgb8-nes9-8fb7" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gbm8-vcwy-u3g2" }, { "vulnerability": "VCID-gbuy-ru9c-h3en" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jvuz-2phs-87du" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-neqs-cg1p-7bb7" }, { "vulnerability": "VCID-ng15-dzek-kyda" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-rm6a-c4rf-f7hc" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-uczb-yext-6yfq" }, { "vulnerability": "VCID-uny2-k19n-1bb2" }, { "vulnerability": "VCID-v15u-sguq-skg9" }, { "vulnerability": "VCID-vudr-8rrg-hufx" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-xddx-numk-a7bn" }, { "vulnerability": "VCID-ynvq-nzrq-9bca" }, { "vulnerability": "VCID-yu46-ypr2-dfce" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zr8n-mfu1-4yg4" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.8.7-4" } ], "aliases": [ "CVE-2007-4352" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kgk7-hqby-wkez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83491?format=api", "vulnerability_id": "VCID-kre4-9v6u-3ked", "summary": "poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82945", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83049", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83008", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83047", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82961", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82974", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82971", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83003", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83019", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83012", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10768" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=106408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=106408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576169", "reference_id": "1576169", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576169" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10768", "reference_id": "CVE-2018-10768", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3647-1/", "reference_id": "USN-3647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" } ], "aliases": [ "CVE-2018-10768" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kre4-9v6u-3ked" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69080?format=api", "vulnerability_id": "VCID-kwa4-641f-ducs", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79262", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79334", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79322", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.7931", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79337", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79293", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79279", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79304", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79314", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79338", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466443", "reference_id": "1466443", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679", "reference_id": "865679", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679" }, { "reference_url": "https://security.archlinux.org/ASA-201706-33", "reference_id": "ASA-201706-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-33" }, { "reference_url": "https://security.archlinux.org/AVG-326", "reference_id": "AVG-326", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2550", "reference_id": "RHSA-2017:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2551", "reference_id": "RHSA-2017:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2551" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9776" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kwa4-641f-ducs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69083?format=api", "vulnerability_id": "VCID-mqt3-g77k-xqer", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3143", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31485", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31448", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31482", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31461", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62878", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62929", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62945", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62963", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62826", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14519" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499165", "reference_id": "1499165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499165" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086", "reference_id": "876086", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14519", "reference_id": "CVE-2017-14519", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14519" }, { "reference_url": "https://usn.ubuntu.com/3433-1/", "reference_id": "USN-3433-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3433-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14519" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqt3-g77k-xqer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82518?format=api", "vulnerability_id": "VCID-myjj-5fsv-sybj", "summary": "poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76282", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76295", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76342", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76369", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76382", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76388", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76372", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713582", "reference_id": "1713582", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713582" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423", "reference_id": "929423", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-12293" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-myjj-5fsv-sybj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78188?format=api", "vulnerability_id": "VCID-n1sx-y7xc-kqfb", "summary": "poppler: NULL pointer dereference in `FoFiType1C::convertToType1`", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26431", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26481", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26272", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26327", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26308", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26305", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26373", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26385", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016", "reference_id": "1016", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231520", "reference_id": "2231520", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231520" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2979", "reference_id": "RHSA-2024:2979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2979" }, { "reference_url": "https://usn.ubuntu.com/6299-1/", "reference_id": "USN-6299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2020-36024" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1sx-y7xc-kqfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93837?format=api", "vulnerability_id": "VCID-ncat-8jz5-m7e5", "summary": "An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55404", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55387", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55368", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55246", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55369", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55347", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55398", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55408", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018" }, { "reference_url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133", "reference_id": "926133", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10018", "reference_id": "CVE-2019-10018", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10018" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-10018" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ncat-8jz5-m7e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31245?format=api", "vulnerability_id": "VCID-neqs-cg1p-7bb7", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "ftp://ftp.foolabs.com/pub/xpdf/xpdf-3.02pl5.patch" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?id=e853106b58d6b4b0467dbd6436c9bb1cfbd372cf" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050268.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050285.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050390.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049392.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049523.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049545.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-11/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2012-1201.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3702.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3702.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3702", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86395", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86316", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86326", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86345", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86346", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86364", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86374", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86387", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86385", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.8638", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86397", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02916", "scoring_system": "epss", "scoring_elements": "0.86402", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-3702" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3702" }, { "reference_url": "http://secunia.com/advisories/42141", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42141" }, { "reference_url": "http://secunia.com/advisories/42357", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42357" }, { "reference_url": "http://secunia.com/advisories/42397", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42397" }, { "reference_url": "http://secunia.com/advisories/42691", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/42691" }, { "reference_url": "http://secunia.com/advisories/43079", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/43079" }, { "reference_url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720", "reference_id": "", "reference_type": "", "scores": [], "url": "http://slackware.com/security/viewer.php?l=slackware-security&y=2010&m=slackware-security.571720" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2119", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2010/dsa-2119" }, { "reference_url": "http://www.debian.org/security/2010/dsa-2135", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2010/dsa-2135" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:228" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:229" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:230" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2010:231" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2012:144" }, { "reference_url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2010/10/04/6", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2010/10/04/6" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0749.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0750.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0750.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0751.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0752.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0753.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0754.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0754.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0755.html" }, { "reference_url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.redhat.com/support/errata/RHSA-2010-0859.html" }, { "reference_url": "http://www.securityfocus.com/bid/43845", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/43845" }, { "reference_url": "http://www.ubuntu.com/usn/USN-1005-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-1005-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/2897", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/2897" }, { "reference_url": "http://www.vupen.com/english/advisories/2010/3097", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2010/3097" }, { "reference_url": "http://www.vupen.com/english/advisories/2011/0230", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2011/0230" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245", "reference_id": "595245", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=595245" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165", "reference_id": "599165", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=599165" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apple:cups:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.02:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:pl1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.02:pl1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:pl1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:pl2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.02:pl2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:pl2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:pl3:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.02:pl3:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:pl3:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:pl4:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.02:pl4:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.02:pl4:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:9.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:12:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:10:sp3:*:*:-:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:11:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_server:9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3702", "reference_id": "CVE-2010-3702", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-3702" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://security.gentoo.org/glsa/201402-17", "reference_id": "GLSA-201402-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201402-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0749", "reference_id": "RHSA-2010:0749", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0749" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0750", "reference_id": "RHSA-2010:0750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0751", "reference_id": "RHSA-2010:0751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0752", "reference_id": "RHSA-2010:0752", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0752" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0753", "reference_id": "RHSA-2010:0753", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0754", "reference_id": "RHSA-2010:0754", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0754" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0755", "reference_id": "RHSA-2010:0755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0755" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0859", "reference_id": "RHSA-2010:0859", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0859" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:1201", "reference_id": "RHSA-2012:1201", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:1201" }, { "reference_url": "https://usn.ubuntu.com/1005-1/", "reference_id": "USN-1005-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1005-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2010-3702" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-neqs-cg1p-7bb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31241?format=api", "vulnerability_id": "VCID-ng15-dzek-kyda", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3607.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3607.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3607", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91315", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91319", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.9133", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91337", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91349", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91363", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91366", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91365", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.9139", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06855", "scoring_system": "epss", "scoring_elements": "0.91388", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3607" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924", "reference_id": "526924", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526924" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-3607" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ng15-dzek-kyda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31250?format=api", "vulnerability_id": "VCID-ngzc-42z2-8yae", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2142.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79914", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79921", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79941", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.7993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79959", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79968", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79963", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79991", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79994", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773", "reference_id": "487773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936", "reference_id": "789936", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035936?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2~bpo70%252B1" } ], "aliases": [ "CVE-2012-2142" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngzc-42z2-8yae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79175?format=api", "vulnerability_id": "VCID-nqqu-29qr-wfec", "summary": "poppler: reachable assertion due to a failure in markObject()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07427", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07547", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07507", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07429", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07418", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07469", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07451", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07509", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07532", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07534", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0752", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278", "reference_id": "1278", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234530", "reference_id": "2234530", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234530" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c", "reference_id": "8677500399fc2548fa816b619580c2c07915a98c", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2022-37052" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqqu-29qr-wfec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/50774?format=api", "vulnerability_id": "VCID-p219-w8nj-qqg7", "summary": "Poppler is affected by a memory management issue, which could lead to the\n execution of arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2950.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-2950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93902", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93836", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93844", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93854", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93856", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93865", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93869", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93873", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93874", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93895", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.12333", "scoring_system": "epss", "scoring_elements": "0.93901", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-2950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950" }, { "reference_url": "http://secunia.com/advisories/30963", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/30963" }, { "reference_url": "http://secunia.com/advisories/31002", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31002" }, { "reference_url": "http://secunia.com/advisories/31167", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31167" }, { "reference_url": "http://secunia.com/advisories/31267", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31267" }, { "reference_url": "http://secunia.com/advisories/31405", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/31405" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-200807-04.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-200807-04.xml" }, { "reference_url": "http://securityreason.com/securityalert/3977", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityreason.com/securityalert/3977" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43619" }, { "reference_url": "https://www.exploit-db.com/exploits/6032", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/6032" }, { "reference_url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00161.html" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0223" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:146" }, { "reference_url": "http://www.ocert.org/advisories/ocert-2008-007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ocert.org/advisories/ocert-2008-007.html" }, { "reference_url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/493980/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/494142/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/30107", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/30107" }, { "reference_url": "http://www.securitytracker.com/id?1020435", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securitytracker.com/id?1020435" }, { "reference_url": "http://www.ubuntu.com/usn/usn-631-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/usn-631-1" }, { "reference_url": "http://www.vupen.com/english/advisories/2008/2024/references", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.vupen.com/english/advisories/2008/2024/references" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=454277", "reference_id": "454277", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=454277" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489756", "reference_id": "489756", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=489756" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2950", "reference_id": "CVE-2008-2950", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-2950" }, { "reference_url": "https://security.gentoo.org/glsa/200807-04", "reference_id": "GLSA-200807-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200807-04" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/6032.py", "reference_id": "OSVDB-46806;CVE-2008-2950", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/6032.py" }, { "reference_url": "https://usn.ubuntu.com/631-1/", "reference_id": "USN-631-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/631-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035932?format=api", "purl": "pkg:deb/debian/poppler@0.8.7-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-35b2-jj1x-rkcf" }, { "vulnerability": "VCID-3eaw-7xrw-tkft" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-4128-ep6n-hufz" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4jfu-4w71-g7bt" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-4yej-ag45-uuga" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-65sa-tagy-3ybs" }, { "vulnerability": "VCID-68rw-a4ah-5khm" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-6dwz-8kx9-rugr" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8nj9-hqay-dfdj" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-ctb2-8h4y-vybd" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dgb8-nes9-8fb7" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gbm8-vcwy-u3g2" }, { "vulnerability": "VCID-gbuy-ru9c-h3en" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jvuz-2phs-87du" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-neqs-cg1p-7bb7" }, { "vulnerability": "VCID-ng15-dzek-kyda" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-rm6a-c4rf-f7hc" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-uczb-yext-6yfq" }, { "vulnerability": "VCID-uny2-k19n-1bb2" }, { "vulnerability": "VCID-v15u-sguq-skg9" }, { "vulnerability": "VCID-vudr-8rrg-hufx" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-xddx-numk-a7bn" }, { "vulnerability": "VCID-ynvq-nzrq-9bca" }, { "vulnerability": "VCID-yu46-ypr2-dfce" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zr8n-mfu1-4yg4" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.8.7-4" } ], "aliases": [ "CVE-2008-2950" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p219-w8nj-qqg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83987?format=api", "vulnerability_id": "VCID-pc5k-98kh-suce", "summary": "poppler: NULL pointer dereference in the AnnotRichMedia::Configuration::Configuration", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38591", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3867", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38643", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38691", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38669", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52433", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52486", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52531", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52395", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14928" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500322", "reference_id": "1500322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500322" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231", "reference_id": "877231", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14928", "reference_id": "CVE-2017-14928", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14928" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14928" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pc5k-98kh-suce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41481?format=api", "vulnerability_id": "VCID-qdcv-xd8k-8qbu", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49446", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.495", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49453", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49508", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49504", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49493", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49495", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49542", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.4954", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49511", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649457", "reference_id": "1649457", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649457" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600", "reference_id": "914600", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600" }, { "reference_url": "https://security.gentoo.org/glsa/201904-04", "reference_id": "GLSA-201904-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201904-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" }, { "reference_url": "https://usn.ubuntu.com/3837-2/", "reference_id": "USN-3837-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-19149" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcv-xd8k-8qbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83892?format=api", "vulnerability_id": "VCID-qjj9-dejh-vuaq", "summary": "poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50793", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50915", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50891", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50935", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50848", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50874", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50889", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50887", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50929", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18267" }, { "reference_url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=103238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=103238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578777", "reference_id": "1578777", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578777" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357", "reference_id": "898357", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18267", "reference_id": "CVE-2017-18267", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3647-1/", "reference_id": "USN-3647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-18267" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjj9-dejh-vuaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32136?format=api", "vulnerability_id": "VCID-qmt5-gtpg-vbg2", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183107.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183142.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183142.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00077.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2580.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2580.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77938", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77945", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77944", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77848", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77855", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77882", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77865", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77892", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77897", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77924", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77908", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8868" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=93476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=93476" }, { "reference_url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://poppler.freedesktop.org/releases.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://poppler.freedesktop.org/releases.html" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3563", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3563" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/04/12/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/04/12/1" }, { "reference_url": "http://www.securityfocus.com/bid/89324", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/89324" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2958-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2958-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326225", "reference_id": "1326225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326225" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578", "reference_id": "822578", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.39.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.39.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.39.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8868", "reference_id": "CVE-2015-8868", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8868" }, { "reference_url": "https://security.gentoo.org/glsa/201611-15", "reference_id": "GLSA-201611-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2580", "reference_id": "RHSA-2016:2580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2580" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8868" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qmt5-gtpg-vbg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82803?format=api", "vulnerability_id": "VCID-qpwe-7kfy-pyb8", "summary": "poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7310", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.5322", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53324", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53339", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53344", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53236", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53289", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53283", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53333", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7310" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/717" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/" }, { "reference_url": "http://www.securityfocus.com/bid/106829", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106829" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672419", "reference_id": "1672419", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672419" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215", "reference_id": "921215", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215" }, { "reference_url": "https://security.archlinux.org/AVG-869", "reference_id": "AVG-869", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-869" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7310", "reference_id": "CVE-2019-7310", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3886-1/", "reference_id": "USN-3886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3886-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-7310" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpwe-7kfy-pyb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69085?format=api", "vulnerability_id": "VCID-qsy6-em2u-cyd2", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69878", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69975", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69984", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69994", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.6989", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69905", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69882", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.6993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69946", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.6997", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69954", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.6994", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15565" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=103016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=103016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510977", "reference_id": "1510977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510977" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066", "reference_id": "879066", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15565", "reference_id": "CVE-2017-15565", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15565" }, { "reference_url": "https://usn.ubuntu.com/3467-1/", "reference_id": "USN-3467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-15565" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qsy6-em2u-cyd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49250?format=api", "vulnerability_id": "VCID-qtb6-gvjp-cqbq", "summary": "Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46799", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46854", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46851", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46773", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46793", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46742", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46797", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46796", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46819", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46791", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46798", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695", "reference_id": "1010695", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087190", "reference_id": "2087190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087190" }, { "reference_url": "https://security.archlinux.org/AVG-2812", "reference_id": "AVG-2812", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2812" }, { "reference_url": "https://security.gentoo.org/glsa/202509-01", "reference_id": "GLSA-202509-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7594", "reference_id": "RHSA-2022:7594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8151", "reference_id": "RHSA-2022:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8151" }, { "reference_url": "https://usn.ubuntu.com/6273-1/", "reference_id": "USN-6273-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6273-1/" }, { "reference_url": "https://usn.ubuntu.com/7687-1/", "reference_id": "USN-7687-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7687-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2022-27337" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtb6-gvjp-cqbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31229?format=api", "vulnerability_id": "VCID-rm6a-c4rf-f7hc", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0800.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0800.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92575", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92581", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92587", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.926", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92605", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.9261", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92611", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92624", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92623", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08985", "scoring_system": "epss", "scoring_elements": "0.92626", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0800" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887", "reference_id": "495887", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495887" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-0800" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rm6a-c4rf-f7hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82677?format=api", "vulnerability_id": "VCID-s3q2-uvnc-wfep", "summary": "poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10871", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70182", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70276", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70244", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70286", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70295", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70211", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70249", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70272", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70257", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/751" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/" }, { "reference_url": "http://www.securityfocus.com/bid/107862", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696636", "reference_id": "1696636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696636" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529", "reference_id": "926529", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10871", "reference_id": "CVE-2019-10871", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-10871" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3q2-uvnc-wfep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61424?format=api", "vulnerability_id": "VCID-sv3r-4tym-qua5", "summary": "Poppler and various KDE components are vulnerable to multiple memory\n management issues possibly resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5393.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5393.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94355", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94364", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94374", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94375", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94385", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94389", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94392", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94393", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94394", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94408", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94413", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.14245", "scoring_system": "epss", "scoring_elements": "0.94417", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5393" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5393" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=345121", "reference_id": "345121", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=345121" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628", "reference_id": "450628", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629", "reference_id": "450629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629" }, { "reference_url": "https://security.gentoo.org/glsa/200711-22", "reference_id": "GLSA-200711-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1021", "reference_id": "RHSA-2007:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1022", "reference_id": "RHSA-2007:1022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1023", "reference_id": "RHSA-2007:1023", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1023" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1024", "reference_id": "RHSA-2007:1024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1025", "reference_id": "RHSA-2007:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1026", "reference_id": "RHSA-2007:1026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1027", "reference_id": "RHSA-2007:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1028", "reference_id": "RHSA-2007:1028", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1028" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1029", "reference_id": "RHSA-2007:1029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1030", "reference_id": "RHSA-2007:1030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1030" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1031", "reference_id": "RHSA-2007:1031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1051", "reference_id": "RHSA-2007:1051", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1051" }, { "reference_url": "https://usn.ubuntu.com/542-1/", "reference_id": "USN-542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-1/" }, { "reference_url": "https://usn.ubuntu.com/542-2/", "reference_id": "USN-542-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035932?format=api", "purl": "pkg:deb/debian/poppler@0.8.7-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-35b2-jj1x-rkcf" }, { "vulnerability": "VCID-3eaw-7xrw-tkft" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-4128-ep6n-hufz" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4jfu-4w71-g7bt" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-4yej-ag45-uuga" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-65sa-tagy-3ybs" }, { "vulnerability": "VCID-68rw-a4ah-5khm" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-6dwz-8kx9-rugr" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8nj9-hqay-dfdj" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-ctb2-8h4y-vybd" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dgb8-nes9-8fb7" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gbm8-vcwy-u3g2" }, { "vulnerability": "VCID-gbuy-ru9c-h3en" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jvuz-2phs-87du" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-neqs-cg1p-7bb7" }, { "vulnerability": "VCID-ng15-dzek-kyda" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-rm6a-c4rf-f7hc" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-uczb-yext-6yfq" }, { "vulnerability": "VCID-uny2-k19n-1bb2" }, { "vulnerability": "VCID-v15u-sguq-skg9" }, { "vulnerability": "VCID-vudr-8rrg-hufx" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-xddx-numk-a7bn" }, { "vulnerability": "VCID-ynvq-nzrq-9bca" }, { "vulnerability": "VCID-yu46-ypr2-dfce" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zr8n-mfu1-4yg4" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.8.7-4" } ], "aliases": [ "CVE-2007-5393" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sv3r-4tym-qua5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72599?format=api", "vulnerability_id": "VCID-tfe8-bq62-3ke4", "summary": "Poppler: out-of-bounds read", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53765", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53728", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53725", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53774", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53757", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53741", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53779", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53783", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53679", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53675", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322", "reference_id": "1091322", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553", "reference_id": "1553", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333794", "reference_id": "2333794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333794" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e", "reference_id": "ade9b5ebed44b0c15522c27669ef6cdf93eff84e", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621", "reference_id": "CMakeLists.txt#L621", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621" }, { "reference_url": "https://usn.ubuntu.com/7213-1/", "reference_id": "USN-7213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2024-56378" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tfe8-bq62-3ke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83023?format=api", "vulnerability_id": "VCID-tt3h-qbbv-zuev", "summary": "poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3556", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3562", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35609", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.4163", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41639", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41663", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41629", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41536", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.4158", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41626", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646546", "reference_id": "1646546", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646546" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164", "reference_id": "913164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-18897" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt3h-qbbv-zuev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82764?format=api", "vulnerability_id": "VCID-tu6x-7fgv-1ffu", "summary": "poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89978", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90035", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90027", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90021", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90037", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.8998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89998", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90014", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90019", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90029", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/728" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/" }, { "reference_url": "http://www.securityfocus.com/bid/107172", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107172" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683632", "reference_id": "1683632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683632" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414", "reference_id": "923414", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9200", "reference_id": "CVE-2019-9200", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3905-1/", "reference_id": "USN-3905-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3905-1/" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-9200" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tu6x-7fgv-1ffu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82681?format=api", "vulnerability_id": "VCID-tzdq-9gfz-yud5", "summary": "poppler: null-pointer dereference in function SplashClip::clipAALine in splash/SplashClip.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75676", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75759", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75733", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.7577", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75773", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75679", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.7571", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75689", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75758", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75739", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/748" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/" }, { "reference_url": "http://www.securityfocus.com/bid/107862", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696637", "reference_id": "1696637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696637" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532", "reference_id": "926532", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10873", "reference_id": "CVE-2019-10873", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10873" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-10873" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzdq-9gfz-yud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31236?format=api", "vulnerability_id": "VCID-uczb-yext-6yfq", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1188.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1188", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95736", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95745", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95753", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95755", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95764", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95767", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95771", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95772", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95781", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95786", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.21975", "scoring_system": "epss", "scoring_elements": "0.95787", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1188" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1188" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907", "reference_id": "495907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495907" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779", "reference_id": "575779", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575779" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1503", "reference_id": "RHSA-2009:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1512", "reference_id": "RHSA-2009:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1512" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1188" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uczb-yext-6yfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31232?format=api", "vulnerability_id": "VCID-uny2-k19n-1bb2", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1181.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1181.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1181", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85086", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85119", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85141", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85148", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85163", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.8516", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85157", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85177", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02433", "scoring_system": "epss", "scoring_elements": "0.85179", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1181" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1181" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894", "reference_id": "495894", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495894" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1181" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uny2-k19n-1bb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/88241?format=api", "vulnerability_id": "VCID-v15u-sguq-skg9", "summary": "poppler/evince: DoS via crafted PDF file", "references": [ { "reference_url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.freedesktop.org/show_bug.cgi?id=19702" }, { "reference_url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.freedesktop.org/archives/poppler/2009-January/004403.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0756.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94352", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94291", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.943", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94311", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94322", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94327", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94331", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94332", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94347", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.13982", "scoring_system": "epss", "scoring_elements": "0.94353", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0756" }, { "reference_url": "http://secunia.com/advisories/33853", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/33853" }, { "reference_url": "http://secunia.com/advisories/35685", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/35685" }, { "reference_url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059", "reference_id": "", "reference_type": "", "scores": [], "url": "http://wiki.rpath.com/Advisories:rPSA-2009-0059" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/02/13/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2009/02/13/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2009/02/19/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2009/02/19/2" }, { "reference_url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/archive/1/502761/100/0/threaded" }, { "reference_url": "http://www.securityfocus.com/bid/33749", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/33749" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=488339", "reference_id": "488339", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=488339" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518478", "reference_id": "518478", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518478" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.10.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.1.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.90:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.5.91:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.6.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.7.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:poppler:poppler:0.8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0756", "reference_id": "CVE-2009-0756", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0756" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-0756" ], "risk_score": 9.0, "exploitability": "2.0", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v15u-sguq-skg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31234?format=api", "vulnerability_id": "VCID-vudr-8rrg-hufx", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1183.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1183.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1183", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82232", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82264", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82259", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82285", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82293", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82312", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82306", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.823", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82335", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01703", "scoring_system": "epss", "scoring_elements": "0.82337", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1183" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1183" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899", "reference_id": "495899", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=495899" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-1183" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vudr-8rrg-hufx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83019?format=api", "vulnerability_id": "VCID-wbyn-9mx6-a3gd", "summary": "poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3222", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32392", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32296", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32258", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32261", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32241", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32212", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19059" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649440", "reference_id": "1649440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649440" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180", "reference_id": "913180", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19059" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wbyn-9mx6-a3gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/61423?format=api", "vulnerability_id": "VCID-wpgs-8fw5-wbhe", "summary": "Poppler and various KDE components are vulnerable to multiple memory\n management issues possibly resulting in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5392.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5392.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5392", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91095", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91109", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91117", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91129", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91135", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91143", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91144", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91168", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06567", "scoring_system": "epss", "scoring_elements": "0.91172", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5392" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5392" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=345111", "reference_id": "345111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=345111" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628", "reference_id": "450628", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450628" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629", "reference_id": "450629", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=450629" }, { "reference_url": "https://security.gentoo.org/glsa/200711-22", "reference_id": "GLSA-200711-22", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-22" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1021", "reference_id": "RHSA-2007:1021", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1021" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1022", "reference_id": "RHSA-2007:1022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1024", "reference_id": "RHSA-2007:1024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1025", "reference_id": "RHSA-2007:1025", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1025" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1026", "reference_id": "RHSA-2007:1026", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1026" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1027", "reference_id": "RHSA-2007:1027", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1027" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1029", "reference_id": "RHSA-2007:1029", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1029" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2007:1030", "reference_id": "RHSA-2007:1030", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2007:1030" }, { "reference_url": "https://usn.ubuntu.com/542-1/", "reference_id": "USN-542-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-1/" }, { "reference_url": "https://usn.ubuntu.com/542-2/", "reference_id": "USN-542-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/542-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035932?format=api", "purl": "pkg:deb/debian/poppler@0.8.7-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-35b2-jj1x-rkcf" }, { "vulnerability": "VCID-3eaw-7xrw-tkft" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-4128-ep6n-hufz" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4jfu-4w71-g7bt" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-4yej-ag45-uuga" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-65sa-tagy-3ybs" }, { "vulnerability": "VCID-68rw-a4ah-5khm" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-6dwz-8kx9-rugr" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8nj9-hqay-dfdj" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-ctb2-8h4y-vybd" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dgb8-nes9-8fb7" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gbm8-vcwy-u3g2" }, { "vulnerability": "VCID-gbuy-ru9c-h3en" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jvuz-2phs-87du" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-neqs-cg1p-7bb7" }, { "vulnerability": "VCID-ng15-dzek-kyda" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-rm6a-c4rf-f7hc" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-uczb-yext-6yfq" }, { "vulnerability": "VCID-uny2-k19n-1bb2" }, { "vulnerability": "VCID-v15u-sguq-skg9" }, { "vulnerability": "VCID-vudr-8rrg-hufx" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-xddx-numk-a7bn" }, { "vulnerability": "VCID-ynvq-nzrq-9bca" }, { "vulnerability": "VCID-yu46-ypr2-dfce" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zr8n-mfu1-4yg4" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.8.7-4" } ], "aliases": [ "CVE-2007-5392" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpgs-8fw5-wbhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31242?format=api", "vulnerability_id": "VCID-xddx-numk-a7bn", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3608.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3608", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.93944", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.93953", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.93962", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.93964", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.93973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.93976", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.9398", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.93995", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.94", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.12664", "scoring_system": "epss", "scoring_elements": "0.94001", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3608" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3608" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637", "reference_id": "526637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526637" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1503", "reference_id": "RHSA-2009:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1504", "reference_id": "RHSA-2009:1504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1512", "reference_id": "RHSA-2009:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1513", "reference_id": "RHSA-2009:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-3608" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xddx-numk-a7bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31221?format=api", "vulnerability_id": "VCID-ynvq-nzrq-9bca", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0146.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-0146.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0146", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.8246", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82491", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82488", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82514", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82521", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.8254", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82536", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82531", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82568", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01745", "scoring_system": "epss", "scoring_elements": "0.82572", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-0146" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0146" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612", "reference_id": "490612", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=490612" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806", "reference_id": "524806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524806" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809", "reference_id": "524809", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=524809" }, { "reference_url": "https://security.gentoo.org/glsa/200904-20", "reference_id": "GLSA-200904-20", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200904-20" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0429", "reference_id": "RHSA-2009:0429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0430", "reference_id": "RHSA-2009:0430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0431", "reference_id": "RHSA-2009:0431", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0431" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://usn.ubuntu.com/759-1/", "reference_id": "USN-759-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/759-1/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-0146" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ynvq-nzrq-9bca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31243?format=api", "vulnerability_id": "VCID-yu46-ypr2-dfce", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3609.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90645", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.9065", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.9066", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90669", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90679", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90685", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90694", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.9069", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90709", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90707", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05999", "scoring_system": "epss", "scoring_elements": "0.90704", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3609" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893", "reference_id": "526893", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526893" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1500", "reference_id": "RHSA-2009:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1503", "reference_id": "RHSA-2009:1503", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1503" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1504", "reference_id": "RHSA-2009:1504", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1504" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1512", "reference_id": "RHSA-2009:1512", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1512" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1513", "reference_id": "RHSA-2009:1513", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1513" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0401", "reference_id": "RHSA-2010:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0401" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0755", "reference_id": "RHSA-2010:0755", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0755" }, { "reference_url": "https://usn.ubuntu.com/850-1/", "reference_id": "USN-850-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-1/" }, { "reference_url": "https://usn.ubuntu.com/850-3/", "reference_id": "USN-850-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/850-3/" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-3609" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yu46-ypr2-dfce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83187?format=api", "vulnerability_id": "VCID-yyzk-7mqj-m7hq", "summary": "poppler: infinite recursion in Parser::getObj function in Parser.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71552", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.7155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.7159", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.716", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71608", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83895", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16646" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626618", "reference_id": "1626618", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626618" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802", "reference_id": "909802", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" }, { "reference_url": "https://usn.ubuntu.com/3837-2/", "reference_id": "USN-3837-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-16646" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzk-7mqj-m7hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56086?format=api", "vulnerability_id": "VCID-zgja-p6ey-2kex", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77441", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77524", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77534", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77531", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77453", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77482", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77495", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458702", "reference_id": "1458702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458702" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009", "reference_id": "864009", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9408" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgja-p6ey-2kex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31249?format=api", "vulnerability_id": "VCID-zn54-s7jz-ruh8", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4654.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4654.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/cve-2010-4654" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64517", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64525", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64396", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6445", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6448", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64488", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64504", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64508", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64479", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64513", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201310-03.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2010-4654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=672181", "reference_id": "672181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=672181" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4654", "reference_id": "CVE-2010-4654", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4654" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-4654" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zn54-s7jz-ruh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31240?format=api", "vulnerability_id": "VCID-zr8n-mfu1-4yg4", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3606.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3606.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3606", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.8942", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89424", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89435", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89437", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89453", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89457", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89465", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89463", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89459", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89474", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04772", "scoring_system": "epss", "scoring_elements": "0.89472", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-3606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3606" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877", "reference_id": "526877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=526877" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287", "reference_id": "551287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551287" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289", "reference_id": "551289", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551289" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0458", "reference_id": "RHSA-2009:0458", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:0480", "reference_id": "RHSA-2009:0480", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:0480" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1500", "reference_id": "RHSA-2009:1500", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1501", "reference_id": "RHSA-2009:1501", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1501" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2009:1502", "reference_id": "RHSA-2009:1502", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2009:1502" }, { "reference_url": "https://usn.ubuntu.com/973-1/", "reference_id": "USN-973-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/973-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035933?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1j2u-8dqz-q3ad" }, { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4rx1-68jr-myac" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-6b75-d741-vufk" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-9yxn-jhqm-hbhv" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-e6c9-n7zk-3bfz" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gc6w-tctk-nycd" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zn54-s7jz-ruh8" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze3" } ], "aliases": [ "CVE-2009-3606" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zr8n-mfu1-4yg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83018?format=api", "vulnerability_id": "VCID-zzy2-1yr8-83cf", "summary": "poppler: reachable abort in Object.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51029", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51054", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51011", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51068", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51065", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51108", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51087", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5111", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51116", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51093", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649435", "reference_id": "1649435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649435" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177", "reference_id": "913177", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19058" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zzy2-1yr8-83cf" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.4.5-5.1" }