Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1037645?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1037645?format=api", "purl": "pkg:deb/debian/texlive-bin@2007.dfsg.2-4%2Blenny3", "type": "deb", "namespace": "debian", "name": "texlive-bin", "version": "2007.dfsg.2-4+lenny3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2026.20260303.78225+ds-1", "latest_non_vulnerable_version": "2026.20260303.78225+ds-1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48369?format=api", "vulnerability_id": "VCID-1upn-29dc-zfcc", "summary": "Multiple vulnerabilities were found in texlive-core, allowing\n attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0827.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0827.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0827", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89159", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89094", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89102", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89116", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89119", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89137", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89142", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89153", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89149", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04513", "scoring_system": "epss", "scoring_elements": "0.89147", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0827" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0827", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0827" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201206-28.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201206-28.xml" }, { "reference_url": "http://security-tracker.debian.org/tracker/CVE-2010-0827", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security-tracker.debian.org/tracker/CVE-2010-0827" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10052" }, { "reference_url": "http://www.securityfocus.com/bid/39971", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/39971" }, { "reference_url": "http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?r1=18009&r2=18095", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?r1=18009&r2=18095" }, { "reference_url": "http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?view=log", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?view=log" }, { "reference_url": "http://www.ubuntu.com/usn/USN-937-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-937-1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=572914", "reference_id": "572914", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=572914" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580669", "reference_id": "580669", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580669" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0827", "reference_id": "CVE-2010-0827", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0827" }, { "reference_url": "https://security.gentoo.org/glsa/201206-28", "reference_id": "GLSA-201206-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0401", "reference_id": "RHSA-2010:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0401" }, { "reference_url": "https://usn.ubuntu.com/937-1/", "reference_id": "USN-937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037646?format=api", "purl": "pkg:deb/debian/texlive-bin@2009-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ggs-vja8-r3de" }, { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-ka9w-ss8w-sqhb" }, { "vulnerability": "VCID-mxh6-rpb3-tbbq" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2009-8" } ], "aliases": [ "CVE-2010-0827" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1upn-29dc-zfcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7052?format=api", "vulnerability_id": "VCID-3ggs-vja8-r3de", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nBuffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0973.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0973.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0973", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.83617", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.8363", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.83644", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.83646", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.8367", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.83677", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.83694", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.83687", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.83683", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02006", "scoring_system": "epss", "scoring_elements": "0.83718", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0973" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/01/10/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1177327", "reference_id": "1177327", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1177327" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/01/10/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3" }, { "reference_url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/", "reference_id": "33173461", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/" } ], "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/" }, { "reference_url": "http://secunia.com/advisories/62725", "reference_id": "62725", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/" } ], "url": "http://secunia.com/advisories/62725" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773823", "reference_id": "773823", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773823" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775673", "reference_id": "775673", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775673" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0973", "reference_id": "CVE-2015-0973", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-0973" }, { "reference_url": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt", "reference_id": "libpng_heap_overflow_1.6.15.txt", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/" } ], "url": "http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20240719-0005/", "reference_id": "ntap-20240719-0005", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20240719-0005/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037648?format=api", "purl": "pkg:deb/debian/texlive-bin@2014.20140926.35254-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2014.20140926.35254-6" } ], "aliases": [ "CVE-2015-0973" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ggs-vja8-r3de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59405?format=api", "vulnerability_id": "VCID-3gpv-93qp-bfhn", "summary": "A vulnerability in Kpathsea allows remote attackers to execute\n arbitrary commands by manipulating the -tex option from mpost program.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10243.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10243.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10243", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92969", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.93008", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92999", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92997", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92978", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92982", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92981", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.09885", "scoring_system": "epss", "scoring_elements": "0.92989", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10243" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10243", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10243" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:P/I:P/A:P" }, { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7CNJ4HKX7X6V7VMN3UCU7KPY6IX4XRB/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7CNJ4HKX7X6V7VMN3UCU7KPY6IX4XRB/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL6PUKPWEXYIPIAZRIX5ZLQWCSALVLFP/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL6PUKPWEXYIPIAZRIX5ZLQWCSALVLFP/" }, { "reference_url": "https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/" }, { "reference_url": "https://www.tug.org/svn/texlive?view=revision&revision=42605", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.tug.org/svn/texlive?view=revision&revision=42605" }, { "reference_url": "http://www.debian.org/security/2017/dsa-3803", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.debian.org/security/2017/dsa-3803" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2017/03/05/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2017/03/05/1" }, { "reference_url": "http://www.securityfocus.com/bid/96593", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/96593" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429452", "reference_id": "1429452", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1429452" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10243", "reference_id": "CVE-2016-10243", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-10243" }, { "reference_url": "https://security.gentoo.org/glsa/201709-07", "reference_id": "GLSA-201709-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201709-07" }, { "reference_url": "https://usn.ubuntu.com/3401-1/", "reference_id": "USN-3401-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3401-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053587?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-bqqh-5311-w7ca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1" } ], "aliases": [ "CVE-2016-10243" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3gpv-93qp-bfhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95537?format=api", "vulnerability_id": "VCID-47dt-fhqh-pkag", "summary": "LuaTeX before 1.17.0 allows a document (compiled with the default settings) to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32668", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18111", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18164", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17864", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17951", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18011", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18028", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17983", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17876", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32668" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32668", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32668" }, { "reference_url": "https://tug.org/pipermail/tex-live/2023-May/049188.html", "reference_id": "049188.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/" } ], "url": "https://tug.org/pipermail/tex-live/2023-May/049188.html" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036470", "reference_id": "1036470", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036470" }, { "reference_url": "https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0", "reference_id": "1.17.0", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/" } ], "url": "https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0" }, { "reference_url": "https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/blob/b266ef076c96b382cd23a4c93204e247bb98626a/source/texk/web2c/luatexdir/ChangeLog#L1-L3", "reference_id": "ChangeLog#L1-L3", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/" } ], "url": "https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/blob/b266ef076c96b382cd23a4c93204e247bb98626a/source/texk/web2c/luatexdir/ChangeLog#L1-L3" }, { "reference_url": "https://tug.org/~mseven/luatex.html#luasocket", "reference_id": "luatex.html#luasocket", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/" } ], "url": "https://tug.org/~mseven/luatex.html#luasocket" }, { "reference_url": "https://usn.ubuntu.com/6695-1/", "reference_id": "USN-6695-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6695-1/" }, { "reference_url": "https://usn.ubuntu.com/7985-1/", "reference_id": "USN-7985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994443?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2" } ], "aliases": [ "CVE-2023-32668" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-47dt-fhqh-pkag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48368?format=api", "vulnerability_id": "VCID-4r5u-9w2z-rkgh", "summary": "Multiple vulnerabilities were found in texlive-core, allowing\n attackers to execute arbitrary code.", "references": [ { "reference_url": "http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-stable.git%3Ba=blob%3Bf=source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch", "reference_id": "", "reference_type": "", "scores": [], "url": "http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-stable.git%3Ba=blob%3Bf=source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0739.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0739.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0739", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.91936", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.91877", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.91885", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.91893", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.919", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.91912", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.91918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.91921", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.9192", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.077", "scoring_system": "epss", "scoring_elements": "0.91917", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-0739" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739" }, { "reference_url": "http://secunia.com/advisories/39390", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/39390" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201206-28.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201206-28.xml" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11468", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11468" }, { "reference_url": "http://www.securityfocus.com/bid/39500", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/39500" }, { "reference_url": "http://www.ubuntu.com/usn/USN-937-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-937-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560668", "reference_id": "560668", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560668" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=572941", "reference_id": "572941", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=572941" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0739", "reference_id": "CVE-2010-0739", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-0739" }, { "reference_url": "https://security.gentoo.org/glsa/201206-28", "reference_id": "GLSA-201206-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0401", "reference_id": "RHSA-2010:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0401" }, { "reference_url": "https://usn.ubuntu.com/937-1/", "reference_id": "USN-937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037646?format=api", "purl": "pkg:deb/debian/texlive-bin@2009-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ggs-vja8-r3de" }, { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-ka9w-ss8w-sqhb" }, { "vulnerability": "VCID-mxh6-rpb3-tbbq" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2009-8" } ], "aliases": [ "CVE-2010-0739" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4r5u-9w2z-rkgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78403?format=api", "vulnerability_id": "VCID-9kvx-465q-fkam", "summary": "texlive: arbitrary code execution allows document complied with older version", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32700.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32700.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32700", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62214", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62309", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62244", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.6221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.6226", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62277", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62296", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62286", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62264", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32700" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32700", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32700" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://tug.org/pipermail/tex-live/2023-May/049188.html", "reference_id": "049188.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/" } ], "url": "https://tug.org/pipermail/tex-live/2023-May/049188.html" }, { "reference_url": "https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0", "reference_id": "1.17.0", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/" } ], "url": "https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208943", "reference_id": "2208943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2208943" }, { "reference_url": "https://github.com/TeX-Live/texlive-source/releases/tag/build-svn66984", "reference_id": "build-svn66984", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/" } ], "url": "https://github.com/TeX-Live/texlive-source/releases/tag/build-svn66984" }, { "reference_url": "https://tug.org/~mseven/luatex.html", "reference_id": "luatex.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/" } ], "url": "https://tug.org/~mseven/luatex.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:3661", "reference_id": "RHSA-2023:3661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:3661" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H/", "reference_id": "RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5/", "reference_id": "TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5/" }, { "reference_url": "https://usn.ubuntu.com/6115-1/", "reference_id": "USN-6115-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6115-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053587?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-bqqh-5311-w7ca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1" } ], "aliases": [ "CVE-2023-32700" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9kvx-465q-fkam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95988?format=api", "vulnerability_id": "VCID-bqqh-5311-w7ca", "summary": "texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25262", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34521", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34545", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34548", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34509", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34484", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34578", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34605", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34473", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34516", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-25262" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25262", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25262" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064517", "reference_id": "1064517", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064517" }, { "reference_url": "https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912", "reference_id": "2047912", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T18:34:50Z/" } ], "url": "https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912" }, { "reference_url": "https://tug.org/svn/texlive/trunk/Build/source/texk/ttfdump/ChangeLog?revision=69605&view=co", "reference_id": "ChangeLog?revision=69605&view=co", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T18:34:50Z/" } ], "url": "https://tug.org/svn/texlive/trunk/Build/source/texk/ttfdump/ChangeLog?revision=69605&view=co" }, { "reference_url": "https://usn.ubuntu.com/6695-1/", "reference_id": "USN-6695-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6695-1/" }, { "reference_url": "https://usn.ubuntu.com/7985-1/", "reference_id": "USN-7985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7985-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/994443?format=api", "purl": "pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15kj-emtf-vbag" }, { "vulnerability": "VCID-22hs-pt9p-fbdn" }, { "vulnerability": "VCID-24vd-syhs-gbhc" }, { "vulnerability": "VCID-261q-t1h8-bufj" }, { "vulnerability": "VCID-2pzz-h5vd-wyah" }, { "vulnerability": "VCID-2unr-76q5-y7aw" }, { "vulnerability": "VCID-3a9d-3kme-73d2" }, { "vulnerability": "VCID-3v18-r2f3-1qdv" }, { "vulnerability": "VCID-4cy9-447q-mbf3" }, { "vulnerability": "VCID-4f2u-sskp-zkhu" }, { "vulnerability": "VCID-4ses-k1k7-9ycz" }, { "vulnerability": "VCID-4z3j-9yy6-u3eb" }, { "vulnerability": "VCID-5p9e-n6p5-mudd" }, { "vulnerability": "VCID-6fwt-gfj6-j7av" }, { "vulnerability": "VCID-72m2-st3u-uyfm" }, { "vulnerability": "VCID-76vf-yebs-mkg8" }, { "vulnerability": "VCID-7x9j-31fq-hkg2" }, { "vulnerability": "VCID-86bc-apbh-sbbn" }, { "vulnerability": "VCID-88vn-jepe-33c1" }, { "vulnerability": "VCID-8qwb-455y-bbcp" }, { "vulnerability": "VCID-8xnh-5jb4-uygz" }, { "vulnerability": "VCID-911d-pbx5-4qge" }, { "vulnerability": "VCID-97ds-z5dk-6kbu" }, { "vulnerability": "VCID-9e9z-hm4a-37ab" }, { "vulnerability": "VCID-9mn1-e4dm-nfhd" }, { "vulnerability": "VCID-a6an-r3tj-93ge" }, { "vulnerability": "VCID-ast7-b75m-7uh3" }, { "vulnerability": "VCID-bdbb-4kgq-y7ad" }, { "vulnerability": "VCID-bdke-da3n-37hw" }, { "vulnerability": "VCID-bw8n-jvsd-bqe9" }, { "vulnerability": "VCID-d4tp-mmgz-6udh" }, { "vulnerability": "VCID-dcjs-7eyq-a7gn" }, { "vulnerability": "VCID-e8ev-axf6-dbc3" }, { "vulnerability": "VCID-ecbh-vzp4-x7dr" }, { "vulnerability": "VCID-eeet-mw7y-rudx" }, { "vulnerability": "VCID-euy5-4h8q-hyb3" }, { "vulnerability": "VCID-fbkh-5sb9-auc5" }, { "vulnerability": "VCID-fkft-abbt-6ydx" }, { "vulnerability": "VCID-fymb-bvn2-p7ej" }, { "vulnerability": "VCID-fz4x-mcwe-aqgf" }, { "vulnerability": "VCID-gh4u-68x5-27db" }, { "vulnerability": "VCID-gsk7-273v-qfdz" }, { "vulnerability": "VCID-h73f-kd2u-5yg3" }, { "vulnerability": "VCID-hd3g-vc2p-4fhf" }, { "vulnerability": "VCID-hqv6-gney-2fgw" }, { "vulnerability": "VCID-hx8f-h823-kkhr" }, { "vulnerability": "VCID-jahu-d9d6-jbbt" }, { "vulnerability": "VCID-jxh3-k3es-bqah" }, { "vulnerability": "VCID-k5ue-ga1d-q7gv" }, { "vulnerability": "VCID-knp7-hye9-a3gv" }, { "vulnerability": "VCID-m7rd-mh53-bycu" }, { "vulnerability": "VCID-mm9w-wmdz-qye4" }, { "vulnerability": "VCID-msch-wzj9-h7ga" }, { "vulnerability": "VCID-n68j-881x-3uhp" }, { "vulnerability": "VCID-nckm-umvv-3qcn" }, { "vulnerability": "VCID-nk95-xdjm-vyfq" }, { "vulnerability": "VCID-nucx-up6e-ayb8" }, { "vulnerability": "VCID-nvrx-x1qs-vkdb" }, { "vulnerability": "VCID-p973-cuza-tuhp" }, { "vulnerability": "VCID-q4qv-tq4j-3uh2" }, { "vulnerability": "VCID-qdek-hd55-hbe2" }, { "vulnerability": "VCID-qjxs-qf6j-zycc" }, { "vulnerability": "VCID-rrqw-zrh2-33dn" }, { "vulnerability": "VCID-rype-ss6b-aude" }, { "vulnerability": "VCID-su1a-e49q-pffw" }, { "vulnerability": "VCID-t8bs-vvts-47ag" }, { "vulnerability": "VCID-tqm6-8w98-q3dr" }, { "vulnerability": "VCID-tz15-rmx4-pkdq" }, { "vulnerability": "VCID-u9ur-b18b-gfhr" }, { "vulnerability": "VCID-utve-4z7c-tkhk" }, { "vulnerability": "VCID-v7pb-brn7-v7ah" }, { "vulnerability": "VCID-v9pk-ecc9-yqbm" }, { "vulnerability": "VCID-vfty-pe45-pya4" }, { "vulnerability": "VCID-vk2y-ftzh-sqgh" }, { "vulnerability": "VCID-whjt-pvqp-jycr" }, { "vulnerability": "VCID-whmq-gsw4-sbgg" }, { "vulnerability": "VCID-wngf-qn2d-ykef" }, { "vulnerability": "VCID-ws93-jgn7-83c8" }, { "vulnerability": "VCID-xfy6-snb8-63av" }, { "vulnerability": "VCID-xrgb-9dwh-mubm" }, { "vulnerability": "VCID-xxn1-2trx-myhs" }, { "vulnerability": "VCID-xzdx-45tg-w7ft" }, { "vulnerability": "VCID-y2pg-cgqs-s3gb" }, { "vulnerability": "VCID-y4qh-ek9n-cyc1" }, { "vulnerability": "VCID-ys96-uhkv-2qgv" }, { "vulnerability": "VCID-zbsq-dfju-mkf5" }, { "vulnerability": "VCID-zqjn-srqb-kfcg" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2" } ], "aliases": [ "CVE-2024-25262" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bqqh-5311-w7ca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48370?format=api", "vulnerability_id": "VCID-ec4g-satx-pqg2", "summary": "Multiple vulnerabilities were found in texlive-core, allowing\n attackers to execute arbitrary code.", "references": [ { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1440.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1440.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86248", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86169", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86179", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86192", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86193", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86212", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86223", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86238", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86235", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02852", "scoring_system": "epss", "scoring_elements": "0.86231", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440" }, { "reference_url": "http://security.gentoo.org/glsa/glsa-201206-28.xml", "reference_id": "", "reference_type": "", "scores": [], "url": "http://security.gentoo.org/glsa/glsa-201206-28.xml" }, { "reference_url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10068" }, { "reference_url": "http://www.ubuntu.com/usn/USN-937-1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.ubuntu.com/usn/USN-937-1" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580668", "reference_id": "580668", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580668" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=586819", "reference_id": "586819", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=586819" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1440", "reference_id": "CVE-2010-1440", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2010-1440" }, { "reference_url": "https://security.gentoo.org/glsa/201206-28", "reference_id": "GLSA-201206-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-28" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0400", "reference_id": "RHSA-2010:0400", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0400" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0401", "reference_id": "RHSA-2010:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0401" }, { "reference_url": "https://usn.ubuntu.com/937-1/", "reference_id": "USN-937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037646?format=api", "purl": "pkg:deb/debian/texlive-bin@2009-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ggs-vja8-r3de" }, { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-ka9w-ss8w-sqhb" }, { "vulnerability": "VCID-mxh6-rpb3-tbbq" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2009-8" } ], "aliases": [ "CVE-2010-1440" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ec4g-satx-pqg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85954?format=api", "vulnerability_id": "VCID-ka9w-ss8w-sqhb", "summary": "texlive: insecure use of /tmp in mktexlsr", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5700.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5700.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5700", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25633", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25704", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25746", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25515", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25588", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25646", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25604", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25547", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25552", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5700" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5700", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5700" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181167", "reference_id": "1181167", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181167" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775139", "reference_id": "775139", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775139" }, { "reference_url": "https://usn.ubuntu.com/3788-1/", "reference_id": "USN-3788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3788-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037648?format=api", "purl": "pkg:deb/debian/texlive-bin@2014.20140926.35254-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2014.20140926.35254-6" } ], "aliases": [ "CVE-2015-5700" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ka9w-ss8w-sqhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7047?format=api", "vulnerability_id": "VCID-mxh6-rpb3-tbbq", "summary": "Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the png_combine_row function in libpng, when running on systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9495.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9495.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87524", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87534", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87547", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87549", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87568", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87575", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87586", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87582", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87579", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03487", "scoring_system": "epss", "scoring_elements": "0.87593", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/01/10/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2015/01/10/1" }, { "reference_url": "http://www.securitytracker.com/id/1031444", "reference_id": "1031444", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/" } ], "url": "http://www.securitytracker.com/id/1031444" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179186", "reference_id": "1179186", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1179186" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/01/04/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2015/01/04/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/01/10/3", "reference_id": "3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2015/01/10/3" }, { "reference_url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/", "reference_id": "33172831", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/" } ], "url": "http://sourceforge.net/p/png-mng/mailman/message/33172831/" }, { "reference_url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/", "reference_id": "33173461", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/" } ], "url": "http://sourceforge.net/p/png-mng/mailman/message/33173461/" }, { "reference_url": "http://secunia.com/advisories/62725", "reference_id": "62725", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/" } ], "url": "http://secunia.com/advisories/62725" }, { "reference_url": "http://www.securityfocus.com/bid/71820", "reference_id": "71820", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/" } ], "url": "http://www.securityfocus.com/bid/71820" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773823", "reference_id": "773823", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773823" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773824", "reference_id": "773824", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773824" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9495", "reference_id": "CVE-2014-9495", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-9495" }, { "reference_url": "https://security.gentoo.org/glsa/201502-10", "reference_id": "GLSA-201502-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201502-10" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037648?format=api", "purl": "pkg:deb/debian/texlive-bin@2014.20140926.35254-6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2014.20140926.35254-6" } ], "aliases": [ "CVE-2014-9495" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxh6-rpb3-tbbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/48367?format=api", "vulnerability_id": "VCID-qd9y-35s4-9kcp", "summary": "Multiple vulnerabilities were found in texlive-core, allowing\n attackers to execute arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1284.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94732", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94741", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94745", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94746", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94756", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.9476", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94763", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94768", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.15978", "scoring_system": "epss", "scoring_elements": "0.94775", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-1284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1284" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=492136", "reference_id": "492136", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=492136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920", "reference_id": "520920", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10203.txt", "reference_id": "CVE-2009-1284;OSVDB-53562", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10203.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201206-28", "reference_id": "GLSA-201206-28", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201206-28" }, { "reference_url": "https://usn.ubuntu.com/937-1/", "reference_id": "USN-937-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/937-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037646?format=api", "purl": "pkg:deb/debian/texlive-bin@2009-8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3ggs-vja8-r3de" }, { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-ka9w-ss8w-sqhb" }, { "vulnerability": "VCID-mxh6-rpb3-tbbq" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2009-8" } ], "aliases": [ "CVE-2009-1284" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qd9y-35s4-9kcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94089?format=api", "vulnerability_id": "VCID-tju2-c87e-5kcx", "summary": "In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18604", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41958", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41908", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41851", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41916", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41944", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41871", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41933", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41921", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-18604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18604", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18604" }, { "reference_url": "https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191a", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191a" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00033.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00033.html" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18604", "reference_id": "CVE-2019-18604", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-18604" }, { "reference_url": "https://usn.ubuntu.com/6695-1/", "reference_id": "USN-6695-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6695-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053587?format=api", "purl": "pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-bqqh-5311-w7ca" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1" } ], "aliases": [ "CVE-2019-18604" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tju2-c87e-5kcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/74711?format=api", "vulnerability_id": "VCID-z8b6-9u9h-gkcp", "summary": "security update", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17407.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17407.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17407", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.8009", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.80166", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.80144", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.80136", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.80098", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.80118", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.80105", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.80134", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.80141", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01357", "scoring_system": "epss", "scoring_elements": "0.8016", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-17407" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17407", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17407" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632802", "reference_id": "1632802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632802" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909317", "reference_id": "909317", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909317" }, { "reference_url": "https://security.archlinux.org/ASA-201812-4", "reference_id": "ASA-201812-4", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201812-4" }, { "reference_url": "https://security.archlinux.org/AVG-770", "reference_id": "AVG-770", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-770" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1036", "reference_id": "RHSA-2020:1036", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1036" }, { "reference_url": "https://usn.ubuntu.com/3788-1/", "reference_id": "USN-3788-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3788-1/" }, { "reference_url": "https://usn.ubuntu.com/3788-2/", "reference_id": "USN-3788-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3788-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037649?format=api", "purl": "pkg:deb/debian/texlive-bin@2016.20160513.41080.dfsg-2%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2016.20160513.41080.dfsg-2%252Bdeb9u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1053586?format=api", "purl": "pkg:deb/debian/texlive-bin@2018.20181218.49446-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-tju2-c87e-5kcx" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2018.20181218.49446-1" } ], "aliases": [ "CVE-2018-17407" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z8b6-9u9h-gkcp" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49037?format=api", "vulnerability_id": "VCID-4gwj-gm2f-uugx", "summary": "Multiple vulnerabilities have been discovered in teTeX, possibly allowing\n to execute arbitrary code or overwrite arbitrary files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5936.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5936.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2669", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26735", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26777", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26561", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26629", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2668", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26684", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.2664", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26588", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5936" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=368611", "reference_id": "368611", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=368611" }, { "reference_url": "https://security.gentoo.org/glsa/200711-26", "reference_id": "GLSA-200711-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-26" }, { "reference_url": "https://usn.ubuntu.com/554-1/", "reference_id": "USN-554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/554-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037645?format=api", "purl": "pkg:deb/debian/texlive-bin@2007.dfsg.2-4%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1upn-29dc-zfcc" }, { "vulnerability": "VCID-3ggs-vja8-r3de" }, { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-4r5u-9w2z-rkgh" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-ec4g-satx-pqg2" }, { "vulnerability": "VCID-ka9w-ss8w-sqhb" }, { "vulnerability": "VCID-mxh6-rpb3-tbbq" }, { "vulnerability": "VCID-qd9y-35s4-9kcp" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2007.dfsg.2-4%252Blenny3" } ], "aliases": [ "CVE-2007-5936" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4gwj-gm2f-uugx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49038?format=api", "vulnerability_id": "VCID-4j8e-6t21-3ke9", "summary": "Multiple vulnerabilities have been discovered in teTeX, possibly allowing\n to execute arbitrary code or overwrite arbitrary files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5937.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5937.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.8403", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.84044", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.84061", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.84062", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.84085", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.84092", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.8411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.84103", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.84099", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02107", "scoring_system": "epss", "scoring_elements": "0.8412", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5937" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=368641", "reference_id": "368641", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=368641" }, { "reference_url": "https://security.gentoo.org/glsa/200711-26", "reference_id": "GLSA-200711-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-26" }, { "reference_url": "https://usn.ubuntu.com/554-1/", "reference_id": "USN-554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/554-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037645?format=api", "purl": "pkg:deb/debian/texlive-bin@2007.dfsg.2-4%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1upn-29dc-zfcc" }, { "vulnerability": "VCID-3ggs-vja8-r3de" }, { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-4r5u-9w2z-rkgh" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-ec4g-satx-pqg2" }, { "vulnerability": "VCID-ka9w-ss8w-sqhb" }, { "vulnerability": "VCID-mxh6-rpb3-tbbq" }, { "vulnerability": "VCID-qd9y-35s4-9kcp" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2007.dfsg.2-4%252Blenny3" } ], "aliases": [ "CVE-2007-5937" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4j8e-6t21-3ke9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49036?format=api", "vulnerability_id": "VCID-8qud-4v19-tyh4", "summary": "Multiple vulnerabilities have been discovered in teTeX, possibly allowing\n to execute arbitrary code or overwrite arbitrary files.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5935.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.90942", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.90948", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.90957", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.90967", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.90978", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.90983", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.90992", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.90991", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0635", "scoring_system": "epss", "scoring_elements": "0.91017", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-5935" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5935" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=368591", "reference_id": "368591", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=368591" }, { "reference_url": "https://security.gentoo.org/glsa/200711-26", "reference_id": "GLSA-200711-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200711-26" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0399", "reference_id": "RHSA-2010:0399", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0399" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2010:0401", "reference_id": "RHSA-2010:0401", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2010:0401" }, { "reference_url": "https://usn.ubuntu.com/554-1/", "reference_id": "USN-554-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/554-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1037645?format=api", "purl": "pkg:deb/debian/texlive-bin@2007.dfsg.2-4%2Blenny3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1upn-29dc-zfcc" }, { "vulnerability": "VCID-3ggs-vja8-r3de" }, { "vulnerability": "VCID-3gpv-93qp-bfhn" }, { "vulnerability": "VCID-47dt-fhqh-pkag" }, { "vulnerability": "VCID-4r5u-9w2z-rkgh" }, { "vulnerability": "VCID-9kvx-465q-fkam" }, { "vulnerability": "VCID-bqqh-5311-w7ca" }, { "vulnerability": "VCID-ec4g-satx-pqg2" }, { "vulnerability": "VCID-ka9w-ss8w-sqhb" }, { "vulnerability": "VCID-mxh6-rpb3-tbbq" }, { "vulnerability": "VCID-qd9y-35s4-9kcp" }, { "vulnerability": "VCID-tju2-c87e-5kcx" }, { "vulnerability": "VCID-z8b6-9u9h-gkcp" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2007.dfsg.2-4%252Blenny3" } ], "aliases": [ "CVE-2007-5935" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qud-4v19-tyh4" } ], "risk_score": "4.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2007.dfsg.2-4%252Blenny3" }