Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1035934?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1035934?format=api", "purl": "pkg:deb/debian/poppler@0.12.4-1.2%2Bsqueeze4", "type": "deb", "namespace": "debian", "name": "poppler", "version": "0.12.4-1.2+squeeze4", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "25.03.0-11.1", "latest_non_vulnerable_version": "25.03.0-11.1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87797?format=api", "vulnerability_id": "VCID-1j2u-8dqz-q3ad", "summary": "xpdf: XRef table parsing infinite loop", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0207.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63361", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63384", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63258", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6331", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63379", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63343", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63377", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0207" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0207" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2010-0207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2010-0207" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=583738", "reference_id": "583738", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=583738" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0207", "reference_id": "CVE-2010-0207", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0207" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-0207" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1j2u-8dqz-q3ad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57325?format=api", "vulnerability_id": "VCID-21p7-89u3-bydd", "summary": "Multiple vulnerabilities have been found in Poppler, allowing\n remote attackers to execute arbitrary code or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4474.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4474.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96174", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96182", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96189", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96193", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96202", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96206", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.9621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96209", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96211", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.9622", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96224", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.25399", "scoring_system": "epss", "scoring_elements": "0.96225", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4474" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024762", "reference_id": "1024762", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024762" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064", "reference_id": "729064", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38817.txt", "reference_id": "CVE-2013-4474;OSVDB-99066", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/38817.txt" }, { "reference_url": "https://www.securityfocus.com/bid/63374/info", "reference_id": "CVE-2013-4474;OSVDB-99066", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/63374/info" }, { "reference_url": "https://security.gentoo.org/glsa/201401-21", "reference_id": "GLSA-201401-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-21" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035936?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2~bpo70%252B1" } ], "aliases": [ "CVE-2013-4474" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21p7-89u3-bydd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83248?format=api", "vulnerability_id": "VCID-29b3-s5n9-5fd8", "summary": "poppler: out of bounds read in pdfunite", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-13988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70705", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70674", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70719", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00645", "scoring_system": "epss", "scoring_elements": "0.70726", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.7471", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74717", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74731", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74755", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74734", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74681", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74685", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.74684", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-13988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602838", "reference_id": "1602838", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1602838" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922", "reference_id": "904922", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3757-1/", "reference_id": "USN-3757-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3757-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-13988" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29b3-s5n9-5fd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82697?format=api", "vulnerability_id": "VCID-2ck3-hjtt-hbax", "summary": "poppler: pdftohtml: access to uninitialized pointer could lead to DoS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51622", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51673", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51698", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51658", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51712", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51758", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51736", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51719", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.5176", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51767", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00283", "scoring_system": "epss", "scoring_elements": "0.51747", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-27778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900712", "reference_id": "1900712", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1900712" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1881", "reference_id": "RHSA-2021:1881", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1881" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2020-27778" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ck3-hjtt-hbax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83989?format=api", "vulnerability_id": "VCID-3kw1-pxdk-27h4", "summary": "poppler: NULL pointer dereference in the SplashOutputDev::type3D0() function", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36157", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36207", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36182", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36224", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.36209", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49389", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49417", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4937", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49424", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49438", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49361", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14927" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500324", "reference_id": "1500324", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500324" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237", "reference_id": "877237", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14927", "reference_id": "CVE-2017-14927", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14927" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14927" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3kw1-pxdk-27h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69077?format=api", "vulnerability_id": "VCID-3u3m-ru9u-buem", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73693", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73648", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.7364", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73684", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73622", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73594", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.7363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73643", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00778", "scoring_system": "epss", "scoring_elements": "0.73666", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466442", "reference_id": "1466442", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466442" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680", "reference_id": "865680", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680" }, { "reference_url": "https://security.archlinux.org/ASA-201706-33", "reference_id": "ASA-201706-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-33" }, { "reference_url": "https://security.archlinux.org/AVG-326", "reference_id": "AVG-326", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2551", "reference_id": "RHSA-2017:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2551" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9775" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3u3m-ru9u-buem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69084?format=api", "vulnerability_id": "VCID-44yv-r4hg-17db", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44995", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45009", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45031", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44999", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45001", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45051", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.45044", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00223", "scoring_system": "epss", "scoring_elements": "0.44956", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51975", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51927", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.52", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14520" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102719", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102719" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494582", "reference_id": "1494582", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1494582" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081", "reference_id": "876081", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14520", "reference_id": "CVE-2017-14520", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14520" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14520" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44yv-r4hg-17db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78166?format=api", "vulnerability_id": "VCID-48ua-ch85-w3cg", "summary": "poppler: Reachable assertion in Object.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05403", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05714", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05779", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05743", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05755", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05751", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0579", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05815", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05794", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282", "reference_id": "1282", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251630", "reference_id": "2251630", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2251630" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28", "reference_id": "4564a002bcb6094cc460bc0d5ddff9423fe6dd28", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2022-38349" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48ua-ch85-w3cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87796?format=api", "vulnerability_id": "VCID-4rx1-68jr-myac", "summary": "xpdf: Invalid pointer dereference by processing JBIG2 PDF stream objects", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0206.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0206.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63361", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63384", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63258", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6331", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63379", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.6338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63343", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00443", "scoring_system": "epss", "scoring_elements": "0.63377", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0206" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-0206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0206" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2010-0206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2010-0206" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=580105", "reference_id": "580105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=580105" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.03-17:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-13:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:3.04-4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0206", "reference_id": "CVE-2010-0206", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0206" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-0206" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rx1-68jr-myac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70459?format=api", "vulnerability_id": "VCID-4ucr-xaac-7uc7", "summary": "poppler: Floating-Point Exception in Poppler", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32364.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26434", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26252", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26371", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.2638", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26333", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26275", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26256", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26478", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26319", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29831", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32364" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190", "reference_id": "1102190", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102190" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574", "reference_id": "1574", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1574" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357657", "reference_id": "2357657", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357657" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3", "reference_id": "d87bc726c7cc98f8c26b60ece5f20236e9de1bc3", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T16:06:56Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/d87bc726c7cc98f8c26b60ece5f20236e9de1bc3" }, { "reference_url": "https://usn.ubuntu.com/7426-1/", "reference_id": "USN-7426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-1/" }, { "reference_url": "https://usn.ubuntu.com/7426-2/", "reference_id": "USN-7426-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2025-32364" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ucr-xaac-7uc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82120?format=api", "vulnerability_id": "VCID-5jej-esjt-uqak", "summary": "poppler: integer overflow in Parser::makeStream in Parser.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65047", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65161", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65131", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65167", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65177", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65097", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65088", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.6515", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65169", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00481", "scoring_system": "epss", "scoring_elements": "0.65159", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/0868c499a9f5f37f8df5c9fef03c37496b40fc8a" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753850", "reference_id": "1753850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1753850" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21009", "reference_id": "CVE-2018-21009", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-21009" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5jej-esjt-uqak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82426?format=api", "vulnerability_id": "VCID-5py7-z1gg-9fet", "summary": "poppler: divide-by-zero in function SplashOutputDev::tilingPatternFill in SplashOutputDev.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83467", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.8348", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83494", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83493", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83518", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83527", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83542", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83536", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83532", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83566", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83567", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01969", "scoring_system": "epss", "scoring_elements": "0.83568", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-14494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797453", "reference_id": "1797453", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797453" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812", "reference_id": "933812", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3977", "reference_id": "RHSA-2020:3977", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3977" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4643", "reference_id": "RHSA-2020:4643", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4643" }, { "reference_url": "https://usn.ubuntu.com/4091-1/", "reference_id": "USN-4091-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4091-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-14494" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5py7-z1gg-9fet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31254?format=api", "vulnerability_id": "VCID-6b75-d741-vufk", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=b1026b5978c385328f2a15a2185c599a563edf91" }, { "reference_url": "http://j00ru.vexillium.org/?p=1507", "reference_id": "", "reference_type": "", "scores": [], "url": "http://j00ru.vexillium.org/?p=1507" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1790.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1790.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86091", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86012", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86023", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86039", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86059", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86069", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86083", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.8608", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86076", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86093", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02786", "scoring_system": "epss", "scoring_elements": "0.86098", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1790" }, { "reference_url": "http://secunia.com/advisories/52846", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/52846" }, { "reference_url": "http://ubuntu.com/usn/usn-1785-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-1785-1" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2719", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2719" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:143" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/28/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/02/28/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/28/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/02/28/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071", "reference_id": "702071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=917111", "reference_id": "917111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917111" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1790", "reference_id": "CVE-2013-1790", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1790" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/1785-1/", "reference_id": "USN-1785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1785-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2013-1790" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6b75-d741-vufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79174?format=api", "vulnerability_id": "VCID-72nw-9jgd-4kdw", "summary": "poppler: abort in main() in pdfunite.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37051", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13629", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1369", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1349", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13571", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13593", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13556", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13508", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1342", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13416", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13489", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234528", "reference_id": "2234528", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234528" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2022-37051" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-72nw-9jgd-4kdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82919?format=api", "vulnerability_id": "VCID-74sz-r8kq-qkd5", "summary": "poppler: reachable Object::getString assertion in AnnotRichMedia class in Annot.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54012", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54117", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54094", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54133", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54137", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.5403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54056", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54033", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54085", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54083", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54129", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54111", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/703", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/703" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/146" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665259", "reference_id": "1665259", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665259" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525", "reference_id": "917525", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20551", "reference_id": "CVE-2018-20551", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3886-1/", "reference_id": "USN-3886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3886-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-20551" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-74sz-r8kq-qkd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83988?format=api", "vulnerability_id": "VCID-7n47-6efe-eybd", "summary": "poppler: NULL pointer dereference in the AnnotRichMedia::Content::Content", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38591", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3867", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38643", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38691", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38669", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52433", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52486", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52531", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52395", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14926" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500323", "reference_id": "1500323", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500323" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239", "reference_id": "877239", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14926", "reference_id": "CVE-2017-14926", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14926" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14926" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7n47-6efe-eybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82739?format=api", "vulnerability_id": "VCID-7p5r-eqxs-tugv", "summary": "poppler: heap-based buffer over-read in function downsample_row_box_filter in CairoRescaleBox.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84271", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84364", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84338", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.8436", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84361", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84284", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84303", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84304", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84326", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84331", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02178", "scoring_system": "epss", "scoring_elements": "0.84342", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/736", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/736" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00011.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686802", "reference_id": "1686802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686802" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673", "reference_id": "926673", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9631", "reference_id": "CVE-2019-9631", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-9631" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7p5r-eqxs-tugv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82724?format=api", "vulnerability_id": "VCID-8t2a-b56v-tqcs", "summary": "poppler: stack consumption in function Dict::find() in Dict.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72654", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72751", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72706", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72748", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72759", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72662", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72679", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72657", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72696", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72709", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72733", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72716", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/741", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/741" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/" }, { "reference_url": "https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://research.loginsoft.com/bugs/stack-based-buffer-overflows-in-dictfind-poppler-0-74-0/" }, { "reference_url": "http://www.securityfocus.com/bid/107560", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107560" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691724", "reference_id": "1691724", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1691724" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264", "reference_id": "925264", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9903", "reference_id": "CVE-2019-9903", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-9903" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8t2a-b56v-tqcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82664?format=api", "vulnerability_id": "VCID-96jm-1vhy-eyfd", "summary": "poppler: infinite recursion in function FontInfoScanner::scanFonts in FontInfo.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66509", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66615", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.6658", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66616", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66631", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66549", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66574", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66546", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66593", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66607", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66626", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00514", "scoring_system": "epss", "scoring_elements": "0.66614", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/752", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/752" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T5JWQE2WP4W4F2FEYPYJQBPQIOG75MVH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XGYLZZ4DZUDBQEGCNDWSZPSFNNZJF4S6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XWWVIYFXM74KJFIDHP4W67HR4FRF2LDE/" }, { "reference_url": "https://research.loginsoft.com/bugs/1508/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://research.loginsoft.com/bugs/1508/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699862", "reference_id": "1699862", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1699862" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721", "reference_id": "926721", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.75.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11026", "reference_id": "CVE-2019-11026", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11026" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-11026" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-96jm-1vhy-eyfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93950?format=api", "vulnerability_id": "VCID-9hnb-h64u-zkev", "summary": "In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C::convertToType1 in fofi/FoFiType1C.cc when the index number is larger than the charset array bounds. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52505", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52506", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5249", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52513", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52519", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52455", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52888", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52882", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52933", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52862", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12957" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035936?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2~bpo70%252B1" } ], "aliases": [ "CVE-2019-12957" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hnb-h64u-zkev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31251?format=api", "vulnerability_id": "VCID-9yxn-jhqm-hbhv", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=0388837f01bc467045164f9ddaff787000a8caaa" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=8b6dc55e530b2f5ede6b9dfb64aafdd1d5836492" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=957aa252912cde85d76c41e9710b33425a82b696" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=bbc2d8918fe234b7ef2c480eb148943922cc0959" }, { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/?h=poppler-0.22&id=e14b6e9c13d35c9bd1e0c50906ace8e707816888" }, { "reference_url": "http://j00ru.vexillium.org/?p=1507", "reference_id": "", "reference_type": "", "scores": [], "url": "http://j00ru.vexillium.org/?p=1507" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100081.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2013-March/100090.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1788.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1788.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1788", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88668", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88605", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88614", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.8863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88631", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.8865", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88654", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88667", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.8866", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.88673", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04145", "scoring_system": "epss", "scoring_elements": "0.8867", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1788" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1788" }, { "reference_url": "http://secunia.com/advisories/52846", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/52846" }, { "reference_url": "http://ubuntu.com/usn/usn-1785-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://ubuntu.com/usn/usn-1785-1" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2719", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2013/dsa-2719" }, { "reference_url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:143", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:143" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/28/4", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/02/28/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/28/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/02/28/8" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071", "reference_id": "702071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=917108", "reference_id": "917108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=917108" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1788", "reference_id": "CVE-2013-1788", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1788" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" }, { "reference_url": "https://usn.ubuntu.com/1785-1/", "reference_id": "USN-1785-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1785-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2013-1788" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9yxn-jhqm-hbhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78187?format=api", "vulnerability_id": "VCID-bc96-6vy6-ryfz", "summary": "poppler: Stack-Overflow in `FoFiType1C::cvtGlyph`", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36023", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20984", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21138", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20935", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20968", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20956", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20955", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21193", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20906", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20987", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21048", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21064", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2102", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36023" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013", "reference_id": "1013", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231510", "reference_id": "2231510", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231510" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html" }, { "reference_url": "https://usn.ubuntu.com/6299-1/", "reference_id": "USN-6299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2020-36023" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bc96-6vy6-ryfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56083?format=api", "vulnerability_id": "VCID-bvmu-gq2p-jygf", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.54933", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55083", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55101", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55105", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55038", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55063", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55088", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.551", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.5508", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7511" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456827", "reference_id": "1456827", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1456827" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759", "reference_id": "863759", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-7511" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvmu-gq2p-jygf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79177?format=api", "vulnerability_id": "VCID-c4wz-u632-eyeh", "summary": "poppler: abort in PDFDoc::savePageAs in PDFDoc.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19984", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19799", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19849", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19903", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19869", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19811", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19783", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19786", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20043", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19769", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274", "reference_id": "1274", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234527", "reference_id": "2234527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234527" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990", "reference_id": "dcd5bd8238ea448addd102ff045badd0aca1b990", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html", "reference_id": "msg00022.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2022-37050" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4wz-u632-eyeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57324?format=api", "vulnerability_id": "VCID-cf6h-786m-rkds", "summary": "Multiple vulnerabilities have been found in Poppler, allowing\n remote attackers to execute arbitrary code or cause a Denial of Service\n condition.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4473.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4473.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84583", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84597", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84618", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.8462", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84641", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84666", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84661", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84656", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84677", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84678", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02273", "scoring_system": "epss", "scoring_elements": "0.84679", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4473" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024753", "reference_id": "1024753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1024753" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064", "reference_id": "729064", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729064" }, { "reference_url": "https://security.gentoo.org/glsa/201401-21", "reference_id": "GLSA-201401-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-21" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035936?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2~bpo70%252B1" } ], "aliases": [ "CVE-2013-4473" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cf6h-786m-rkds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82344?format=api", "vulnerability_id": "VCID-crcj-9bh9-7kb7", "summary": "poppler: integer overflow in JPXStream::init function leading to memory consumption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9959", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.80977", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.80986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81009", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81008", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81036", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81043", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.8106", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81039", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81077", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81078", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81075", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732340", "reference_id": "1732340", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1732340" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776", "reference_id": "941776", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-9959" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-crcj-9bh9-7kb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69081?format=api", "vulnerability_id": "VCID-csqv-t3cr-4uap", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45896", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45897", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45904", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.45956", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00231", "scoring_system": "epss", "scoring_elements": "0.4595", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61372", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61401", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.6137", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61417", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61433", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61454", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61293", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14517" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102687", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102687" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "http://www.securityfocus.com/bid/105050", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/105050" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499162", "reference_id": "1499162", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499162" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079", "reference_id": "876079", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14517", "reference_id": "CVE-2017-14517", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14517" }, { "reference_url": "https://usn.ubuntu.com/3433-1/", "reference_id": "USN-3433-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3433-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14517" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csqv-t3cr-4uap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82912?format=api", "vulnerability_id": "VCID-cwyp-gapg-yufk", "summary": "poppler: reachable Object::dictLookup assertion in FileSpec class in FileSpec.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57699", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57812", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57808", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57836", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57803", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57834", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57851", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00355", "scoring_system": "epss", "scoring_elements": "0.57829", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20650" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/de0c0b8324e776f0b851485e0fc9622fc35695b7" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/704", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/704" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00033.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html" }, { "reference_url": "http://www.securityfocus.com/bid/106459", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106459" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665263", "reference_id": "1665263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665263" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974", "reference_id": "917974", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20650", "reference_id": "CVE-2018-20650", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20650" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3865-1/", "reference_id": "USN-3865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3865-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-20650" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwyp-gapg-yufk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70458?format=api", "vulnerability_id": "VCID-d5fj-5prg-97f4", "summary": "poppler: Out-of-Bounds Read in Poppler", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23385", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23484", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23446", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23391", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23408", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23403", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23561", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23416", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23466", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-32365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191", "reference_id": "1102191", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577", "reference_id": "1577", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792", "reference_id": "1792", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357656", "reference_id": "2357656", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357656" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0126", "reference_id": "RHSA-2026:0126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0128", "reference_id": "RHSA-2026:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0130", "reference_id": "RHSA-2026:0130", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0130" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0772", "reference_id": "RHSA-2026:0772", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0772" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0773", "reference_id": "RHSA-2026:0773", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0773" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0774", "reference_id": "RHSA-2026:0774", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0774" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0795", "reference_id": "RHSA-2026:0795", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0795" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0796", "reference_id": "RHSA-2026:0796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0797", "reference_id": "RHSA-2026:0797", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0799", "reference_id": "RHSA-2026:0799", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:0799" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1090", "reference_id": "RHSA-2026:1090", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:1091", "reference_id": "RHSA-2026:1091", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2026:1091" }, { "reference_url": "https://usn.ubuntu.com/7426-1/", "reference_id": "USN-7426-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-1/" }, { "reference_url": "https://usn.ubuntu.com/7426-2/", "reference_id": "USN-7426-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7426-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2025-32365" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d5fj-5prg-97f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82678?format=api", "vulnerability_id": "VCID-dh3p-2g4s-wke6", "summary": "poppler: heap-based buffer over-read in function Splash::blitTransparent in splash/Splash.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76097", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76184", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76156", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76198", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76201", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.761", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76132", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76112", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76145", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76158", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76183", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00935", "scoring_system": "epss", "scoring_elements": "0.76159", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/750", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/750" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/06/msg00002.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/" }, { "reference_url": "http://www.securityfocus.com/bid/107862", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696638", "reference_id": "1696638", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696638" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530", "reference_id": "926530", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10872", "reference_id": "CVE-2019-10872", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10872" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-10872" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dh3p-2g4s-wke6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87913?format=api", "vulnerability_id": "VCID-e6c9-n7zk-3bfz", "summary": "poppler: heap based buffer overflow in DCTStream.cc", "references": [ { "reference_url": "http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071d800cb4329a3ccf898d7bf16b4db7323ad8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://cgit.freedesktop.org/poppler/poppler/commit/poppler/DCTStream.cc?id=fc071d800cb4329a3ccf898d7bf16b4db7323ad8" }, { "reference_url": "http://comments.gmane.org/gmane.comp.security.oss.general/11132", "reference_id": "", "reference_type": "", "scores": [], "url": "http://comments.gmane.org/gmane.comp.security.oss.general/11132" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5110.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-5110.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73678", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73583", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73592", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73624", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73637", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.7366", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73677", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73686", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5110" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=26280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=26280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5110" }, { "reference_url": "http://secunia.com/advisories/59857", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/59857" }, { "reference_url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140817-1.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.suse.com/support/update/announcement/2014/suse-su-20140817-1.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=647377", "reference_id": "647377", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=647377" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722705", "reference_id": "722705", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=722705" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.13.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.13.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-5110", "reference_id": "CVE-2010-5110", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-5110" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-5110" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6c9-n7zk-3bfz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93941?format=api", "vulnerability_id": "VCID-ebyg-yhza-wkaq", "summary": "A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52858", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52749", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52773", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52799", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52767", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52818", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52811", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52862", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52846", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.5283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52867", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00295", "scoring_system": "epss", "scoring_elements": "0.52874", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" } ], "aliases": [ "CVE-2019-12493" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ebyg-yhza-wkaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/81122?format=api", "vulnerability_id": "VCID-enu8-gjre-fbap", "summary": "poppler: uncontrolled recursion in pdfinfo and pdftops", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49843", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.4988", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49859", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49913", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49906", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49897", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49898", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49944", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49917", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-23804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234526", "reference_id": "2234526", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234526" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2020-23804" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-enu8-gjre-fbap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60453?format=api", "vulnerability_id": "VCID-ervb-318m-tygv", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.7795", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78034", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78007", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78041", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77957", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77967", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77994", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78026", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14975" }, { "reference_url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102653" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500343", "reference_id": "1500343", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500343" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957", "reference_id": "877957", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14975", "reference_id": "CVE-2017-14975", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14975" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14975" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ervb-318m-tygv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83020?format=api", "vulnerability_id": "VCID-ervj-1sdg-b3bm", "summary": "poppler: pdfdetach utility does not validate save paths", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35073", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35273", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35301", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35182", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35227", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35252", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35256", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35221", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35235", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35172", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649450", "reference_id": "1649450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182", "reference_id": "913182", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19060" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ervj-1sdg-b3bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60455?format=api", "vulnerability_id": "VCID-ex2h-ahg3-s7b9", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.7795", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78034", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78008", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78007", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78041", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77957", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77967", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77994", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.77999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01097", "scoring_system": "epss", "scoring_elements": "0.78026", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14977" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=103045", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=103045" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500344", "reference_id": "1500344", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500344" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952", "reference_id": "877952", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14977", "reference_id": "CVE-2017-14977", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14977" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14977" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ex2h-ahg3-s7b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31248?format=api", "vulnerability_id": "VCID-gc6w-tctk-nycd", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4653.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/cve-2010-4653" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73766", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73775", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73677", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73709", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73717", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73729", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73724", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00782", "scoring_system": "epss", "scoring_elements": "0.73767", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4653" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4653" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4653" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201310-03.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2010-4653", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2010-4653" }, { "reference_url": "http://www.securityfocus.com/bid/45948", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/45948" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=672165", "reference_id": "672165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=672165" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4653", "reference_id": "CVE-2010-4653", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4653" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-4653" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gc6w-tctk-nycd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82511?format=api", "vulnerability_id": "VCID-gfxh-3er7-zyam", "summary": "xpdf: buffer over-read via crafted PDF document leads to DoS or memory leak", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57463", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57547", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57568", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57543", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57596", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.576", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57615", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57595", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57573", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57602", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57599", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00351", "scoring_system": "epss", "scoring_elements": "0.57578", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850876", "reference_id": "1850876", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1850876" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" } ], "aliases": [ "CVE-2019-12360" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gfxh-3er7-zyam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56087?format=api", "vulnerability_id": "VCID-gt34-muf6-abc7", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73288", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73383", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73381", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73389", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73297", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73321", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73293", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73329", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73342", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73366", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73346", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0076", "scoring_system": "epss", "scoring_elements": "0.73338", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466435", "reference_id": "1466435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466435" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477", "reference_id": "867477", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9865" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gt34-muf6-abc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69082?format=api", "vulnerability_id": "VCID-h1ka-xthk-rug9", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50652", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.5064", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50625", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50667", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00272", "scoring_system": "epss", "scoring_elements": "0.50673", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57322", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57345", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57321", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57372", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57374", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.5739", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.5724", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14518" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102688", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102688" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499163", "reference_id": "1499163", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499163" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082", "reference_id": "876082", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14518", "reference_id": "CVE-2017-14518", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14518" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14518" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h1ka-xthk-rug9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49987?format=api", "vulnerability_id": "VCID-h3q1-dbx2-hubv", "summary": "A vulnerability has been discovered in Poppler which could allow for arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24494", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24506", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24499", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24652", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24689", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24461", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24531", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24591", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24547", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26228", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-38784" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971", "reference_id": "1018971", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124527", "reference_id": "2124527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2124527" }, { "reference_url": "https://security.archlinux.org/AVG-2812", "reference_id": "AVG-2812", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2812" }, { "reference_url": "https://security.gentoo.org/glsa/202209-21", "reference_id": "GLSA-202209-21", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2259", "reference_id": "RHSA-2023:2259", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2259" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2810", "reference_id": "RHSA-2023:2810", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2810" }, { "reference_url": "https://usn.ubuntu.com/5606-1/", "reference_id": "USN-5606-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5606-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2022-38784" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h3q1-dbx2-hubv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83934?format=api", "vulnerability_id": "VCID-hf11-8tk1-5kc4", "summary": "poppler: Memory corruption via Gfx.cc infinite loop", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41069", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41145", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41142", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64671", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64677", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64589", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64642", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.64629", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14929" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4097" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499167", "reference_id": "1499167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499167" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222", "reference_id": "877222", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14929", "reference_id": "CVE-2017-14929", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14929" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14929" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hf11-8tk1-5kc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82927?format=api", "vulnerability_id": "VCID-hmbq-4c5b-ukd7", "summary": "poppler: NULL pointer dereference in the XRef::getEntry in XRef.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20481", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78778", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.7885", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78828", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78856", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78853", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78785", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78816", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78799", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78825", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0119", "scoring_system": "epss", "scoring_elements": "0.78837", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20481" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/692" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/merge_requests/143" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "http://www.securityfocus.com/bid/106321", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106321" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665266", "reference_id": "1665266", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665266" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325", "reference_id": "917325", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20481", "reference_id": "CVE-2018-20481", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20481" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3865-1/", "reference_id": "USN-3865-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3865-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-20481" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmbq-4c5b-ukd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83958?format=api", "vulnerability_id": "VCID-hszt-6bxr-syfe", "summary": "poppler: Floating point exception in the ImageStream class", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14617", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66908", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67011", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67014", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66983", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67016", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67031", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66946", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66972", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.66996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67008", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00525", "scoring_system": "epss", "scoring_elements": "0.67028", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14617" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102854", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102854" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499905", "reference_id": "1499905", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499905" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385", "reference_id": "876385", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14617", "reference_id": "CVE-2017-14617", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14617" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14617" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hszt-6bxr-syfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/84282?format=api", "vulnerability_id": "VCID-jauh-5qga-hucw", "summary": "poppler: Stack exhaustion due to infinite recursive call in pdfunite", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44077", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44113", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44193", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44184", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44141", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44164", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44095", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44146", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44149", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44165", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00216", "scoring_system": "epss", "scoring_elements": "0.44132", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "2.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459066", "reference_id": "1459066", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1459066" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-7515" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jauh-5qga-hucw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82909?format=api", "vulnerability_id": "VCID-jc37-xtrj-p3cm", "summary": "poppler: SIGABRT PDFDoc::setup class in PDFDoc.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69132", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69224", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69198", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69237", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69245", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69148", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69169", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.6915", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.692", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69218", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.6924", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0059", "scoring_system": "epss", "scoring_elements": "0.69226", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20662" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/commit/9fd5ec0e6e5f763b190f2a55ceb5427cfe851d5f" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/706", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/706" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665273", "reference_id": "1665273", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1665273" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158", "reference_id": "918158", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.72.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20662", "reference_id": "CVE-2018-20662", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-20662" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jc37-xtrj-p3cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56085?format=api", "vulnerability_id": "VCID-jd42-3thk-rqhr", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77441", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77524", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77534", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77531", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77453", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77482", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77495", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458701", "reference_id": "1458701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458701" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010", "reference_id": "864010", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9406" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jd42-3thk-rqhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60452?format=api", "vulnerability_id": "VCID-jw5j-xk5g-v3b1", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72411", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72497", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72457", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72499", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72508", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72434", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72449", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72467", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-1000456" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=103116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=103116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/01/msg00001.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4097" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531382", "reference_id": "1531382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1531382" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.60.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000456", "reference_id": "CVE-2017-1000456", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000456" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3517-1/", "reference_id": "USN-3517-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3517-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-1000456" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jw5j-xk5g-v3b1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82698?format=api", "vulnerability_id": "VCID-k1uz-1eqt-pbc6", "summary": "poppler: buffer overflow in HtmlOutputDev::page", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-18839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39864", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40012", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39919", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40028", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39999", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40038", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39958", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40011", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40025", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.40035", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39998", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00182", "scoring_system": "epss", "scoring_elements": "0.39978", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-18839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234524", "reference_id": "2234524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234524" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/742", "reference_id": "742", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:29:54Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/742" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2020-18839" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1uz-1eqt-pbc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/60454?format=api", "vulnerability_id": "VCID-kf69-av43-wffs", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77912", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77997", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77987", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.7797", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77969", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.78004", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77919", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77946", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77929", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.77956", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01093", "scoring_system": "epss", "scoring_elements": "0.7796", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14976" }, { "reference_url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=102724" }, { "reference_url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=da63c35549e8852a410946ab016a3f25ac701bdf" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500345", "reference_id": "1500345", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500345" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954", "reference_id": "877954", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14976", "reference_id": "CVE-2017-14976", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14976" }, { "reference_url": "https://security.gentoo.org/glsa/201804-03", "reference_id": "GLSA-201804-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201804-03" }, { "reference_url": "https://usn.ubuntu.com/3517-1/", "reference_id": "USN-3517-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3517-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14976" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kf69-av43-wffs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83491?format=api", "vulnerability_id": "VCID-kre4-9v6u-3ked", "summary": "poppler: NULL pointer dereference in Annot.h:AnnotPath::getCoordsLength() allows for denial of service via crafted PDF", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10768", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82945", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83049", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83008", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83047", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83046", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82961", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82974", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82971", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.82996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83003", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83019", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01853", "scoring_system": "epss", "scoring_elements": "0.83012", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-10768" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=106408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=106408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576169", "reference_id": "1576169", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576169" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10768", "reference_id": "CVE-2018-10768", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10768" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3647-1/", "reference_id": "USN-3647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" } ], "aliases": [ "CVE-2018-10768" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kre4-9v6u-3ked" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69080?format=api", "vulnerability_id": "VCID-kwa4-641f-ducs", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79262", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79334", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79322", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.7931", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79337", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79293", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79279", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79304", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79314", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01248", "scoring_system": "epss", "scoring_elements": "0.79338", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466443", "reference_id": "1466443", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1466443" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679", "reference_id": "865679", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679" }, { "reference_url": "https://security.archlinux.org/ASA-201706-33", "reference_id": "ASA-201706-33", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201706-33" }, { "reference_url": "https://security.archlinux.org/AVG-326", "reference_id": "AVG-326", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-326" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2550", "reference_id": "RHSA-2017:2550", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2550" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:2551", "reference_id": "RHSA-2017:2551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:2551" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9776" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kwa4-641f-ducs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69083?format=api", "vulnerability_id": "VCID-mqt3-g77k-xqer", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3143", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31485", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31448", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31482", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31461", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62878", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62929", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62945", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62963", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00435", "scoring_system": "epss", "scoring_elements": "0.62826", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14519" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102701", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102701" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499165", "reference_id": "1499165", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1499165" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086", "reference_id": "876086", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14519", "reference_id": "CVE-2017-14519", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14519" }, { "reference_url": "https://usn.ubuntu.com/3433-1/", "reference_id": "USN-3433-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3433-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14519" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mqt3-g77k-xqer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82518?format=api", "vulnerability_id": "VCID-myjj-5fsv-sybj", "summary": "poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76282", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76286", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76295", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76342", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76369", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76347", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76382", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76388", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00948", "scoring_system": "epss", "scoring_elements": "0.76372", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713582", "reference_id": "1713582", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713582" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423", "reference_id": "929423", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-12293" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-myjj-5fsv-sybj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78188?format=api", "vulnerability_id": "VCID-n1sx-y7xc-kqfb", "summary": "poppler: NULL pointer dereference in `FoFiType1C::convertToType1`", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26431", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26481", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26272", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26327", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26308", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26524", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26305", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26373", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26423", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26385", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-36024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016", "reference_id": "1016", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231520", "reference_id": "2231520", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2231520" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html", "reference_id": "msg00017.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2979", "reference_id": "RHSA-2024:2979", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2979" }, { "reference_url": "https://usn.ubuntu.com/6299-1/", "reference_id": "USN-6299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6299-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2020-36024" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1sx-y7xc-kqfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93837?format=api", "vulnerability_id": "VCID-ncat-8jz5-m7e5", "summary": "An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55404", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55387", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55368", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55246", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55369", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55347", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55398", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00323", "scoring_system": "epss", "scoring_elements": "0.55408", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018" }, { "reference_url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133", "reference_id": "926133", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:xpdfreader:xpdf:4.01.01:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10018", "reference_id": "CVE-2019-10018", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10018" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-10018" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ncat-8jz5-m7e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31250?format=api", "vulnerability_id": "VCID-ngzc-42z2-8yae", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2142.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-2142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79914", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79921", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79941", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.7993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79959", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79968", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79963", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79991", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79994", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-2142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2142" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773", "reference_id": "487773", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487773" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936", "reference_id": "789936", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=789936" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035936?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2~bpo70%252B1" } ], "aliases": [ "CVE-2012-2142" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ngzc-42z2-8yae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79175?format=api", "vulnerability_id": "VCID-nqqu-29qr-wfec", "summary": "poppler: reachable assertion due to a failure in markObject()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07427", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07547", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07507", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07429", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07418", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07469", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07451", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07509", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07532", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07534", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.0752", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-37052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278", "reference_id": "1278", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234530", "reference_id": "2234530", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234530" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c", "reference_id": "8677500399fc2548fa816b619580c2c07915a98c", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c" }, { "reference_url": "https://usn.ubuntu.com/6508-1/", "reference_id": "USN-6508-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6508-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2022-37052" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nqqu-29qr-wfec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83987?format=api", "vulnerability_id": "VCID-pc5k-98kh-suce", "summary": "poppler: NULL pointer dereference in the AnnotRichMedia::Configuration::Configuration", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38591", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3867", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38643", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38691", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38669", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52433", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52486", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.5248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52531", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00291", "scoring_system": "epss", "scoring_elements": "0.52395", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-14928" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=102607", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=102607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:C" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500322", "reference_id": "1500322", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1500322" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231", "reference_id": "877231", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14928", "reference_id": "CVE-2017-14928", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14928" }, { "reference_url": "https://usn.ubuntu.com/3440-1/", "reference_id": "USN-3440-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3440-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-14928" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pc5k-98kh-suce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41481?format=api", "vulnerability_id": "VCID-qdcv-xd8k-8qbu", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow a Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19149", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49446", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49474", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.495", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49453", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49508", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49504", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49521", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49493", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49495", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49542", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.4954", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49511", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19149" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649457", "reference_id": "1649457", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649457" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600", "reference_id": "914600", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600" }, { "reference_url": "https://security.gentoo.org/glsa/201904-04", "reference_id": "GLSA-201904-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201904-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" }, { "reference_url": "https://usn.ubuntu.com/3837-2/", "reference_id": "USN-3837-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-19149" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdcv-xd8k-8qbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83892?format=api", "vulnerability_id": "VCID-qjj9-dejh-vuaq", "summary": "poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph() function allows denial of service", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2019:0327", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHBA-2019:0327" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3505" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18267", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50793", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50915", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50907", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50891", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50935", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50848", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50874", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50889", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50887", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50929", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-18267" }, { "reference_url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=103238", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.freedesktop.org/show_bug.cgi?id=103238" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578777", "reference_id": "1578777", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1578777" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357", "reference_id": "898357", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18267", "reference_id": "CVE-2017-18267", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-18267" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:3140", "reference_id": "RHSA-2018:3140", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:3140" }, { "reference_url": "https://usn.ubuntu.com/3647-1/", "reference_id": "USN-3647-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3647-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-18267" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjj9-dejh-vuaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/32136?format=api", "vulnerability_id": "VCID-qmt5-gtpg-vbg2", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183107.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183142.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-April/183142.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00068.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00068.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-06/msg00077.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2580.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2580.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77938", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77945", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77944", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77848", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77855", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77882", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77865", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77892", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77897", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77924", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01087", "scoring_system": "epss", "scoring_elements": "0.77908", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8868" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=93476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=93476" }, { "reference_url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cgit.freedesktop.org/poppler/poppler/commit/?id=b3425dd3261679958cd56c0f71995c15d2124433" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://poppler.freedesktop.org/releases.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://poppler.freedesktop.org/releases.html" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3563", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2016/dsa-3563" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/04/12/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/04/12/1" }, { "reference_url": "http://www.securityfocus.com/bid/89324", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/89324" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2958-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-2958-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326225", "reference_id": "1326225", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1326225" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578", "reference_id": "822578", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.39.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.39.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.39.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8868", "reference_id": "CVE-2015-8868", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8868" }, { "reference_url": "https://security.gentoo.org/glsa/201611-15", "reference_id": "GLSA-201611-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2580", "reference_id": "RHSA-2016:2580", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2580" }, { "reference_url": "https://usn.ubuntu.com/2958-1/", "reference_id": "USN-2958-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2958-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" } ], "aliases": [ "CVE-2015-8868" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qmt5-gtpg-vbg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82803?format=api", "vulnerability_id": "VCID-qpwe-7kfy-pyb8", "summary": "poppler: heap-based buffer over-read in XRef::getEntry in XRef.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7310", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.5322", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53324", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53339", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53344", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53236", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53289", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53283", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53333", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7310" }, { "reference_url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/717", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/717" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BI7NLDN2HUEU4ZW3D7XPHOAEGT2CKDRO/" }, { "reference_url": "http://www.securityfocus.com/bid/106829", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106829" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672419", "reference_id": "1672419", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672419" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215", "reference_id": "921215", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215" }, { "reference_url": "https://security.archlinux.org/AVG-869", "reference_id": "AVG-869", "reference_type": "", "scores": [ { "value": "Low", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-869" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.73.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7310", "reference_id": "CVE-2019-7310", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7310" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3886-1/", "reference_id": "USN-3886-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3886-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-7310" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qpwe-7kfy-pyb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69085?format=api", "vulnerability_id": "VCID-qsy6-em2u-cyd2", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69878", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69975", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69984", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69994", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.6989", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69905", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69882", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.6993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69946", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.6997", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.69954", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00617", "scoring_system": "epss", "scoring_elements": "0.6994", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-15565" }, { "reference_url": "https://bugs.freedesktop.org/show_bug.cgi?id=103016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.freedesktop.org/show_bug.cgi?id=103016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2017/11/msg00023.html" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4079", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2018/dsa-4079" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510977", "reference_id": "1510977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1510977" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066", "reference_id": "879066", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.59.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15565", "reference_id": "CVE-2017-15565", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15565" }, { "reference_url": "https://usn.ubuntu.com/3467-1/", "reference_id": "USN-3467-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3467-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-15565" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qsy6-em2u-cyd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49250?format=api", "vulnerability_id": "VCID-qtb6-gvjp-cqbq", "summary": "Multiple vulnerabilities have been discovered in Poppler, the worst of which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46799", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46854", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46851", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46773", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46793", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46742", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46797", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46796", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46819", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46791", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46798", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695", "reference_id": "1010695", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087190", "reference_id": "2087190", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2087190" }, { "reference_url": "https://security.archlinux.org/AVG-2812", "reference_id": "AVG-2812", "reference_type": "", "scores": [ { "value": "Unknown", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2812" }, { "reference_url": "https://security.gentoo.org/glsa/202509-01", "reference_id": "GLSA-202509-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-01" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7594", "reference_id": "RHSA-2022:7594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8151", "reference_id": "RHSA-2022:8151", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8151" }, { "reference_url": "https://usn.ubuntu.com/6273-1/", "reference_id": "USN-6273-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6273-1/" }, { "reference_url": "https://usn.ubuntu.com/7687-1/", "reference_id": "USN-7687-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7687-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2022-27337" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtb6-gvjp-cqbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82677?format=api", "vulnerability_id": "VCID-s3q2-uvnc-wfep", "summary": "poppler: heap-based buffer over-read in function PSOutputDev::checkPageSlice in PSOutputDev.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10871", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70182", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70276", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70244", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70286", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70295", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70211", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70188", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70234", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70249", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70272", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00628", "scoring_system": "epss", "scoring_elements": "0.70257", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/751", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/751" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00025.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YWS7NVFFCUY3YSTMEKZEJEU6JVUUBKHB/" }, { "reference_url": "http://www.securityfocus.com/bid/107862", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696636", "reference_id": "1696636", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696636" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529", "reference_id": "926529", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10871", "reference_id": "CVE-2019-10871", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10871" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1074", "reference_id": "RHSA-2020:1074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1074" }, { "reference_url": "https://usn.ubuntu.com/4646-1/", "reference_id": "USN-4646-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4646-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2019-10871" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3q2-uvnc-wfep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/72599?format=api", "vulnerability_id": "VCID-tfe8-bq62-3ke4", "summary": "Poppler: out-of-bounds read", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-56378.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56378", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53765", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53728", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53725", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53774", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53757", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53741", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53779", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53783", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53679", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00305", "scoring_system": "epss", "scoring_elements": "0.53675", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-56378" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-56378" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322", "reference_id": "1091322", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091322" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553", "reference_id": "1553", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/issues/1553" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333794", "reference_id": "2333794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333794" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e", "reference_id": "ade9b5ebed44b0c15522c27669ef6cdf93eff84e", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/commit/ade9b5ebed44b0c15522c27669ef6cdf93eff84e" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621", "reference_id": "CMakeLists.txt#L621", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-26T19:27:24Z/" } ], "url": "https://gitlab.freedesktop.org/poppler/poppler/-/blob/30eada0d2bceb42c2d2a87361339063e0b9bea50/CMakeLists.txt#L621" }, { "reference_url": "https://usn.ubuntu.com/7213-1/", "reference_id": "USN-7213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994387?format=api", "purl": "pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1" } ], "aliases": [ "CVE-2024-56378" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tfe8-bq62-3ke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83023?format=api", "vulnerability_id": "VCID-tt3h-qbbv-zuev", "summary": "poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3556", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.3562", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35609", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.4163", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41639", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41663", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41629", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41536", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.4158", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00197", "scoring_system": "epss", "scoring_elements": "0.41626", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646546", "reference_id": "1646546", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1646546" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164", "reference_id": "913164", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-18897" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt3h-qbbv-zuev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82764?format=api", "vulnerability_id": "VCID-tu6x-7fgv-1ffu", "summary": "poppler: heap-based buffer overflow in function ImageStream::getLine() in Stream.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89978", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90035", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90027", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90021", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90037", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.8998", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.89998", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90014", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90019", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05298", "scoring_system": "epss", "scoring_elements": "0.90029", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-9200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/728" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00008.html" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/07/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6OSCOYM3AMFFBJWSBWY6VJVLNE5JD7YS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JQ6RABASMSIMMWMDZTP6ZWUWZPTBSVB5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZWP5XSUG6GNRI75NYKF53KIB2CZY6QQ6/" }, { "reference_url": "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://research.loginsoft.com/bugs/heap-based-buffer-underwrite-in-imagestreamgetline-poppler-0-74-0/" }, { "reference_url": "http://www.securityfocus.com/bid/107172", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107172" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683632", "reference_id": "1683632", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1683632" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414", "reference_id": "923414", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9200", "reference_id": "CVE-2019-9200", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9200" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2713", "reference_id": "RHSA-2019:2713", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2713" }, { "reference_url": "https://usn.ubuntu.com/3905-1/", "reference_id": "USN-3905-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3905-1/" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-9200" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tu6x-7fgv-1ffu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82681?format=api", "vulnerability_id": "VCID-tzdq-9gfz-yud5", "summary": "poppler: null-pointer dereference in function SplashClip::clipAALine in splash/SplashClip.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75676", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75759", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75733", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.7577", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75773", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75679", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.7571", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75689", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75758", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00905", "scoring_system": "epss", "scoring_elements": "0.75739", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-10873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/poppler/poppler/issues/748", "reference_id": "", "reference_type": "", "scores": [], "url": "https://gitlab.freedesktop.org/poppler/poppler/issues/748" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7MAWV24KRXTFODLVT46RXI27XIQFX2QR/" }, { "reference_url": "http://www.securityfocus.com/bid/107862", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/107862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696637", "reference_id": "1696637", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1696637" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532", "reference_id": "926532", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:0.74.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10873", "reference_id": "CVE-2019-10873", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10873" }, { "reference_url": "https://usn.ubuntu.com/4042-1/", "reference_id": "USN-4042-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4042-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2019-10873" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzdq-9gfz-yud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83019?format=api", "vulnerability_id": "VCID-wbyn-9mx6-a3gd", "summary": "poppler: out-of-bounds read in EmbFile::save2 in FileSpec.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3222", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32392", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32296", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32258", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32261", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32241", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32212", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19059" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649440", "reference_id": "1649440", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649440" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180", "reference_id": "913180", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19059" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wbyn-9mx6-a3gd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83187?format=api", "vulnerability_id": "VCID-yyzk-7mqj-m7hq", "summary": "poppler: infinite recursion in Parser::getObj function in Parser.cc", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16646", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71552", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71559", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71577", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.7155", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.7159", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.716", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00681", "scoring_system": "epss", "scoring_elements": "0.71608", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83896", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02049", "scoring_system": "epss", "scoring_elements": "0.83895", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16646" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626618", "reference_id": "1626618", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626618" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802", "reference_id": "909802", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" }, { "reference_url": "https://usn.ubuntu.com/3837-2/", "reference_id": "USN-3837-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2018-16646" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yyzk-7mqj-m7hq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56086?format=api", "vulnerability_id": "VCID-zgja-p6ey-2kex", "summary": "Multiple vulnerabilities have been found in Poppler, the worst of\n which could allow the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77441", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77524", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77534", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77531", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77447", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77453", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77482", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77498", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01046", "scoring_system": "epss", "scoring_elements": "0.77495", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458702", "reference_id": "1458702", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1458702" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009", "reference_id": "864009", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009" }, { "reference_url": "https://security.gentoo.org/glsa/201801-17", "reference_id": "GLSA-201801-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201801-17" }, { "reference_url": "https://usn.ubuntu.com/3350-1/", "reference_id": "USN-3350-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3350-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035939?format=api", "purl": "pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037005?format=api", "purl": "pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049255?format=api", "purl": "pkg:deb/debian/poppler@0.71.0-5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5" } ], "aliases": [ "CVE-2017-9408" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgja-p6ey-2kex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31249?format=api", "vulnerability_id": "VCID-zn54-s7jz-ruh8", "summary": "Multiple vulnerabilities have been found in Poppler, some of which\n may allow execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4654.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4654.json" }, { "reference_url": "https://access.redhat.com/security/cve/cve-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/cve-2010-4654" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64517", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64525", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64396", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6445", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.6448", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64488", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64504", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64508", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64479", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00468", "scoring_system": "epss", "scoring_elements": "0.64513", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-4654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4654" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201310-03.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201310-03.xml" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2010-4654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2010-4654" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=672181", "reference_id": "672181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=672181" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:freedesktop:poppler:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4654", "reference_id": "CVE-2010-4654", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:C/I:C/A:C" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-4654" }, { "reference_url": "https://security.gentoo.org/glsa/201310-03", "reference_id": "GLSA-201310-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201310-03" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1035935?format=api", "purl": "pkg:deb/debian/poppler@0.18.4-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21p7-89u3-bydd" }, { "vulnerability": "VCID-29b3-s5n9-5fd8" }, { "vulnerability": "VCID-2ck3-hjtt-hbax" }, { "vulnerability": "VCID-3kw1-pxdk-27h4" }, { "vulnerability": "VCID-3u3m-ru9u-buem" }, { "vulnerability": "VCID-44yv-r4hg-17db" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-5jej-esjt-uqak" }, { "vulnerability": "VCID-5py7-z1gg-9fet" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-74sz-r8kq-qkd5" }, { "vulnerability": "VCID-7n47-6efe-eybd" }, { "vulnerability": "VCID-7p5r-eqxs-tugv" }, { "vulnerability": "VCID-8t2a-b56v-tqcs" }, { "vulnerability": "VCID-96jm-1vhy-eyfd" }, { "vulnerability": "VCID-9hnb-h64u-zkev" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-bvmu-gq2p-jygf" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-cf6h-786m-rkds" }, { "vulnerability": "VCID-crcj-9bh9-7kb7" }, { "vulnerability": "VCID-csqv-t3cr-4uap" }, { "vulnerability": "VCID-cwyp-gapg-yufk" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-dh3p-2g4s-wke6" }, { "vulnerability": "VCID-ebyg-yhza-wkaq" }, { "vulnerability": "VCID-enu8-gjre-fbap" }, { "vulnerability": "VCID-ervb-318m-tygv" }, { "vulnerability": "VCID-ervj-1sdg-b3bm" }, { "vulnerability": "VCID-ex2h-ahg3-s7b9" }, { "vulnerability": "VCID-gfxh-3er7-zyam" }, { "vulnerability": "VCID-gt34-muf6-abc7" }, { "vulnerability": "VCID-h1ka-xthk-rug9" }, { "vulnerability": "VCID-h3q1-dbx2-hubv" }, { "vulnerability": "VCID-hf11-8tk1-5kc4" }, { "vulnerability": "VCID-hmbq-4c5b-ukd7" }, { "vulnerability": "VCID-hszt-6bxr-syfe" }, { "vulnerability": "VCID-jauh-5qga-hucw" }, { "vulnerability": "VCID-jc37-xtrj-p3cm" }, { "vulnerability": "VCID-jd42-3thk-rqhr" }, { "vulnerability": "VCID-jw5j-xk5g-v3b1" }, { "vulnerability": "VCID-k1uz-1eqt-pbc6" }, { "vulnerability": "VCID-kf69-av43-wffs" }, { "vulnerability": "VCID-kre4-9v6u-3ked" }, { "vulnerability": "VCID-kwa4-641f-ducs" }, { "vulnerability": "VCID-mqt3-g77k-xqer" }, { "vulnerability": "VCID-myjj-5fsv-sybj" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-ncat-8jz5-m7e5" }, { "vulnerability": "VCID-ngzc-42z2-8yae" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-pc5k-98kh-suce" }, { "vulnerability": "VCID-qdcv-xd8k-8qbu" }, { "vulnerability": "VCID-qjj9-dejh-vuaq" }, { "vulnerability": "VCID-qmt5-gtpg-vbg2" }, { "vulnerability": "VCID-qpwe-7kfy-pyb8" }, { "vulnerability": "VCID-qsy6-em2u-cyd2" }, { "vulnerability": "VCID-qtb6-gvjp-cqbq" }, { "vulnerability": "VCID-s3q2-uvnc-wfep" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-tt3h-qbbv-zuev" }, { "vulnerability": "VCID-tu6x-7fgv-1ffu" }, { "vulnerability": "VCID-tzdq-9gfz-yud5" }, { "vulnerability": "VCID-wbyn-9mx6-a3gd" }, { "vulnerability": "VCID-yyzk-7mqj-m7hq" }, { "vulnerability": "VCID-zgja-p6ey-2kex" }, { "vulnerability": "VCID-zzy2-1yr8-83cf" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.18.4-6" } ], "aliases": [ "CVE-2010-4654" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zn54-s7jz-ruh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83018?format=api", "vulnerability_id": "VCID-zzy2-1yr8-83cf", "summary": "poppler: reachable abort in Object.h", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.50976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51029", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51054", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51011", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51068", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51065", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51108", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51087", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51071", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5111", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51116", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51093", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-19058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649435", "reference_id": "1649435", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1649435" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177", "reference_id": "913177", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2022", "reference_id": "RHSA-2019:2022", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2022" }, { "reference_url": "https://usn.ubuntu.com/3837-1/", "reference_id": "USN-3837-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3837-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994386?format=api", "purl": "pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48d5-zxmm-r3g4" }, { "vulnerability": "VCID-48ua-ch85-w3cg" }, { "vulnerability": "VCID-4ucr-xaac-7uc7" }, { "vulnerability": "VCID-72nw-9jgd-4kdw" }, { "vulnerability": "VCID-a8zz-dfdm-1uf7" }, { "vulnerability": "VCID-anb3-1s96-wbaq" }, { "vulnerability": "VCID-bc96-6vy6-ryfz" }, { "vulnerability": "VCID-c4wz-u632-eyeh" }, { "vulnerability": "VCID-d5fj-5prg-97f4" }, { "vulnerability": "VCID-n1sx-y7xc-kqfb" }, { "vulnerability": "VCID-nqqu-29qr-wfec" }, { "vulnerability": "VCID-tfe8-bq62-3ke4" }, { "vulnerability": "VCID-ygrf-gq35-fkfd" }, { "vulnerability": "VCID-yy6j-1h5z-wbgp" }, { "vulnerability": "VCID-yyxy-juya-a3f1" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1" } ], "aliases": [ "CVE-2018-19058" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zzy2-1yr8-83cf" } ], "fixing_vulnerabilities": [], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.12.4-1.2%252Bsqueeze4" }