Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1038031?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "type": "deb", "namespace": "debian", "name": "graphicsmagick", "version": "1.4+really1.3.35-1~deb10u2", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1.4+really1.3.36+hg16481-2+deb11u1", "latest_non_vulnerable_version": "1.4+really1.3.36+hg16481-2+deb11u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47144?format=api", "vulnerability_id": "VCID-3tbg-j6gv-9ub8", "summary": "Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1270", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15959", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15881", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15967", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1603", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15969", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15901", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15826", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15839", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15885", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16023", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.16085", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-1270" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1270", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1270" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/664/", "reference_id": "664", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-21T14:58:47Z/" } ], "url": "https://sourceforge.net/p/graphicsmagick/bugs/664/" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5288", "reference_id": "dsa-5288", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-21T14:58:47Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5288" }, { "reference_url": "https://security.gentoo.org/glsa/202209-19", "reference_id": "GLSA-202209-19", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-21T14:58:47Z/" } ], "url": "https://security.gentoo.org/glsa/202209-19" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00028.html", "reference_id": "msg00028.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-05-21T14:58:47Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2022/11/msg00028.html" }, { "reference_url": "https://usn.ubuntu.com/5974-1/", "reference_id": "USN-5974-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5974-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053261?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1" } ], "aliases": [ "CVE-2022-1270" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tbg-j6gv-9ub8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47143?format=api", "vulnerability_id": "VCID-uvjy-tccq-bkhb", "summary": "Multiple vulnerabilities have been discovered in GraphicsMagick, the worst of which are fuzzing issues presumed to allow for arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12672", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85793", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85805", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85823", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85827", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85846", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85856", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85871", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85868", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85864", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85882", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85887", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02691", "scoring_system": "epss", "scoring_elements": "0.85879", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-12672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12672" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960000", "reference_id": "960000", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960000" }, { "reference_url": "https://security.gentoo.org/glsa/202209-19", "reference_id": "GLSA-202209-19", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202209-19" }, { "reference_url": "https://usn.ubuntu.com/5974-1/", "reference_id": "USN-5974-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5974-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-5190-1/", "reference_id": "USN-USN-5190-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5190-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1053261?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1" } ], "aliases": [ "CVE-2020-12672" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uvjy-tccq-bkhb" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83047?format=api", "vulnerability_id": "VCID-15mv-khzp-fqfk", "summary": "ImageMagick: memory leak in WriteMSLImage of coders/msl.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18544.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18544.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35516", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35718", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35743", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35624", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.3567", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35693", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35703", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35658", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35636", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35675", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35665", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35615", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-18544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18544" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642614", "reference_id": "1642614", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1642614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2018-18544" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-15mv-khzp-fqfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93670?format=api", "vulnerability_id": "VCID-1m2c-fyc2-2qf3", "summary": "In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20185", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74852", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74773", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74776", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74804", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74777", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.7481", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74824", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74848", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74827", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74818", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74853", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74861", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20185" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20185", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20185" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916719", "reference_id": "916719", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916719" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2018-20185" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1m2c-fyc2-2qf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93899?format=api", "vulnerability_id": "VCID-2e5h-jf8c-dudp", "summary": "coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (out-of-bounds read and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11473", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79481", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79488", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79511", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79497", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79525", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79533", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79555", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79538", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79529", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.7956", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79558", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01274", "scoring_system": "epss", "scoring_elements": "0.79563", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11473" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11473", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11473" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11473" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2e5h-jf8c-dudp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82838?format=api", "vulnerability_id": "VCID-3qad-mewf-8khz", "summary": "ImageMagick: Memory leak in the WritePDFImage function in coders/pdf.c", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/11ad3aeb8ab1" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00034.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7397.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7397.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51521", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51649", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.5162", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51662", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51669", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51572", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51598", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51613", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51609", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00282", "scoring_system": "epss", "scoring_elements": "0.51637", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11470" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11472" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13295" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13297" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13300" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13301" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13304" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13305" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13306" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13308" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13309" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13391" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15139" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15140" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16710" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16712" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16713" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7396" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7397" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7398" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1454" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4712" }, { "reference_url": "http://www.securityfocus.com/bid/106847", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/106847" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672564", "reference_id": "1672564", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672564" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7397", "reference_id": "CVE-2019-7397", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-7397" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4034-1/", "reference_id": "USN-4034-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4034-1/" }, { "reference_url": "https://usn.ubuntu.com/7068-1/", "reference_id": "USN-7068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-7397" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qad-mewf-8khz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93904?format=api", "vulnerability_id": "VCID-4pd9-uv1z-6qfx", "summary": "In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.80983", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.80992", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81015", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81014", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81042", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81049", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81066", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81053", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81045", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81083", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81084", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81081", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11506" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11506" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pd9-uv1z-6qfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/94447?format=api", "vulnerability_id": "VCID-5um7-kjwx-a7ft", "summary": "Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-21679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30213", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30401", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30372", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30446", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30255", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30314", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30349", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30353", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30308", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30261", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30275", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30257", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-21679" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-21679" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/619/", "reference_id": "619", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-07T15:14:19Z/" } ], "url": "https://sourceforge.net/p/graphicsmagick/bugs/619/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2020-21679" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5um7-kjwx-a7ft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79329?format=api", "vulnerability_id": "VCID-756j-6ajn-zkcp", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79718", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79725", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79747", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79733", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79762", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79768", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.7979", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79767", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79794", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79795", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01306", "scoring_system": "epss", "scoring_elements": "0.79799", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19953" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947311", "reference_id": "947311", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=947311" }, { "reference_url": "https://usn.ubuntu.com/USN-5190-1/", "reference_id": "USN-USN-5190-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5190-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036931?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.3.30%2Bhg15796-1~deb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-1m2c-fyc2-2qf3" }, { "vulnerability": "VCID-2e5h-jf8c-dudp" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-4pd9-uv1z-6qfx" }, { "vulnerability": "VCID-5um7-kjwx-a7ft" }, { "vulnerability": "VCID-756j-6ajn-zkcp" }, { "vulnerability": "VCID-am38-b487-k7bn" }, { "vulnerability": "VCID-bh46-tx2w-8bfq" }, { "vulnerability": "VCID-cxs4-yude-jba3" }, { "vulnerability": "VCID-ek9v-zmf4-u7aw" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-k5jd-24qt-aqc6" }, { "vulnerability": "VCID-mw2s-6zec-8ucb" }, { "vulnerability": "VCID-qh3z-vna7-87h2" }, { "vulnerability": "VCID-qjhw-tswt-m3ak" }, { "vulnerability": "VCID-qtv6-ta8r-pka7" }, { "vulnerability": "VCID-sg7b-evpj-9fdd" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" }, { "vulnerability": "VCID-v4yk-f1rh-efh3" }, { "vulnerability": "VCID-wwqv-tpq5-dqgs" }, { "vulnerability": "VCID-xvve-pj82-mfh6" }, { "vulnerability": "VCID-zvjw-vzvx-6qab" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.3.30%252Bhg15796-1~deb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-19953" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-756j-6ajn-zkcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93672?format=api", "vulnerability_id": "VCID-am38-b487-k7bn", "summary": "In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20189", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82137", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.8215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82172", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82195", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82202", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82222", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82214", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82208", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82245", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01686", "scoring_system": "epss", "scoring_elements": "0.82246", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20189" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20189", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20189" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916752", "reference_id": "916752", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916752" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" }, { "reference_url": "https://usn.ubuntu.com/5974-1/", "reference_id": "USN-5974-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5974-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2018-20189" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-am38-b487-k7bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93874?format=api", "vulnerability_id": "VCID-bh46-tx2w-8bfq", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84622", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.846", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.8462", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84522", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84537", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84559", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84562", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84584", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.8459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84609", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84604", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11005" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/600/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/600/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11005", "reference_id": "CVE-2019-11005", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11005" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11005" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bh46-tx2w-8bfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93903?format=api", "vulnerability_id": "VCID-cxs4-yude-jba3", "summary": "In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.7827", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78187", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78196", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78226", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78208", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78235", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.7824", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78265", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78248", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78244", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78275", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78273", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11505" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11505" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cxs4-yude-jba3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93879?format=api", "vulnerability_id": "VCID-ek9v-zmf4-u7aw", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/a348d9661019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/a348d9661019" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6964", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69631", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69537", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69532", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69582", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69599", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69621", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69606", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11010" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/601/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/601/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11010", "reference_id": "CVE-2019-11010", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11010" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11010" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ek9v-zmf4-u7aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82054?format=api", "vulnerability_id": "VCID-ezcj-2yaf-rfhh", "summary": "ImageMagick: memory leak in coders/dps.c", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00045.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00046.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00040.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00042.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16709.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16709.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16709", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40569", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40559", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40622", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40668", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40637", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40651", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40679", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.4065", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40659", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.40677", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00188", "scoring_system": "epss", "scoring_elements": "0.4064", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-16709" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16709", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16709" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ImageMagick/ImageMagick/issues/1531", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ImageMagick/ImageMagick/issues/1531" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801661", "reference_id": "1801661", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1801661" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:imagemagick:imagemagick:7.0.8-35:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16709", "reference_id": "CVE-2019-16709", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16709" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:1180", "reference_id": "RHSA-2020:1180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:1180" }, { "reference_url": "https://usn.ubuntu.com/4192-1/", "reference_id": "USN-4192-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4192-1/" }, { "reference_url": "https://usn.ubuntu.com/7053-1/", "reference_id": "USN-7053-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7053-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-16709" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ezcj-2yaf-rfhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93878?format=api", "vulnerability_id": "VCID-k5jd-24qt-aqc6", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/7cff2b1792de", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/7cff2b1792de" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79967", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79936", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79964", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79888", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79895", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79916", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79903", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79932", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79941", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79961", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79944", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/597/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/597/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11009", "reference_id": "CVE-2019-11009", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11009" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11009" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k5jd-24qt-aqc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93876?format=api", "vulnerability_id": "VCID-mw2s-6zec-8ucb", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/40fc71472b98", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/40fc71472b98" }, { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/86a9295e7c83", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/86a9295e7c83" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84115", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84113", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84019", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84033", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84049", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84052", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84075", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84082", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84099", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84093", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84088", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.8411", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11007" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/596/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/596/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11007", "reference_id": "CVE-2019-11007", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11007" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11007" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mw2s-6zec-8ucb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79197?format=api", "vulnerability_id": "VCID-qh3z-vna7-87h2", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.90453", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.90456", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.90455", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.904", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.90404", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.90416", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.9042", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.90434", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.9044", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.90448", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05729", "scoring_system": "epss", "scoring_elements": "0.90447", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-12921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10938" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/d0ge/data-processing/blob/master/CVE-2019-12921.md", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/d0ge/data-processing/blob/master/CVE-2019-12921.md" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00026.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00026.html" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4675" }, { "reference_url": "http://www.graphicsmagick.org/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.graphicsmagick.org/" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12921", "reference_id": "CVE-2019-12921", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12921" }, { "reference_url": "https://usn.ubuntu.com/USN-5190-1/", "reference_id": "USN-USN-5190-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5190-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036931?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.3.30%2Bhg15796-1~deb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-1m2c-fyc2-2qf3" }, { "vulnerability": "VCID-2e5h-jf8c-dudp" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-4pd9-uv1z-6qfx" }, { "vulnerability": "VCID-5um7-kjwx-a7ft" }, { "vulnerability": "VCID-756j-6ajn-zkcp" }, { "vulnerability": "VCID-am38-b487-k7bn" }, { "vulnerability": "VCID-bh46-tx2w-8bfq" }, { "vulnerability": "VCID-cxs4-yude-jba3" }, { "vulnerability": "VCID-ek9v-zmf4-u7aw" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-k5jd-24qt-aqc6" }, { "vulnerability": "VCID-mw2s-6zec-8ucb" }, { "vulnerability": "VCID-qh3z-vna7-87h2" }, { "vulnerability": "VCID-qjhw-tswt-m3ak" }, { "vulnerability": "VCID-qtv6-ta8r-pka7" }, { "vulnerability": "VCID-sg7b-evpj-9fdd" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" }, { "vulnerability": "VCID-v4yk-f1rh-efh3" }, { "vulnerability": "VCID-wwqv-tpq5-dqgs" }, { "vulnerability": "VCID-xvve-pj82-mfh6" }, { "vulnerability": "VCID-zvjw-vzvx-6qab" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.3.30%252Bhg15796-1~deb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-12921" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qh3z-vna7-87h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93877?format=api", "vulnerability_id": "VCID-qjhw-tswt-m3ak", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11008", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84028", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84024", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84026", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83932", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83946", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83962", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83964", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83987", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84009", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84004", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11008" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/599/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/599/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11008", "reference_id": "CVE-2019-11008", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11008" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11008" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjhw-tswt-m3ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93669?format=api", "vulnerability_id": "VCID-qtv6-ta8r-pka7", "summary": "In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20184", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72278", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72196", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72201", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72221", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72197", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72233", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72246", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72268", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72252", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72238", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.7229", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20184" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20184", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20184" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916721", "reference_id": "916721", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=916721" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" }, { "reference_url": "https://usn.ubuntu.com/5974-1/", "reference_id": "USN-5974-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5974-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2018-20184" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtv6-ta8r-pka7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79198?format=api", "vulnerability_id": "VCID-sg7b-evpj-9fdd", "summary": "security update", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00049.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00051.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86346", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86353", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86268", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86278", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86296", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86297", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86315", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86325", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86339", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86337", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86332", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02898", "scoring_system": "epss", "scoring_elements": "0.86348", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-10938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10938" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2020/04/msg00007.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/code/ci/5b4dd7c6674140a115ec9424c8d19c6a458fac3e/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4675" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:backports:sle-15:sp1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10938", "reference_id": "CVE-2020-10938", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10938" }, { "reference_url": "https://usn.ubuntu.com/USN-5190-1/", "reference_id": "USN-USN-5190-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5190-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036931?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.3.30%2Bhg15796-1~deb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-1m2c-fyc2-2qf3" }, { "vulnerability": "VCID-2e5h-jf8c-dudp" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-4pd9-uv1z-6qfx" }, { "vulnerability": "VCID-5um7-kjwx-a7ft" }, { "vulnerability": "VCID-756j-6ajn-zkcp" }, { "vulnerability": "VCID-am38-b487-k7bn" }, { "vulnerability": "VCID-bh46-tx2w-8bfq" }, { "vulnerability": "VCID-cxs4-yude-jba3" }, { "vulnerability": "VCID-ek9v-zmf4-u7aw" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-k5jd-24qt-aqc6" }, { "vulnerability": "VCID-mw2s-6zec-8ucb" }, { "vulnerability": "VCID-qh3z-vna7-87h2" }, { "vulnerability": "VCID-qjhw-tswt-m3ak" }, { "vulnerability": "VCID-qtv6-ta8r-pka7" }, { "vulnerability": "VCID-sg7b-evpj-9fdd" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" }, { "vulnerability": "VCID-v4yk-f1rh-efh3" }, { "vulnerability": "VCID-wwqv-tpq5-dqgs" }, { "vulnerability": "VCID-xvve-pj82-mfh6" }, { "vulnerability": "VCID-zvjw-vzvx-6qab" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.3.30%252Bhg15796-1~deb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2020-10938" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sg7b-evpj-9fdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79326?format=api", "vulnerability_id": "VCID-v4yk-f1rh-efh3", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78891", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78926", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78909", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78933", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78939", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78963", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78948", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78938", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78967", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01204", "scoring_system": "epss", "scoring_elements": "0.78964", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19953" }, { "reference_url": "https://usn.ubuntu.com/USN-5190-1/", "reference_id": "USN-USN-5190-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5190-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036931?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.3.30%2Bhg15796-1~deb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-1m2c-fyc2-2qf3" }, { "vulnerability": "VCID-2e5h-jf8c-dudp" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-4pd9-uv1z-6qfx" }, { "vulnerability": "VCID-5um7-kjwx-a7ft" }, { "vulnerability": "VCID-756j-6ajn-zkcp" }, { "vulnerability": "VCID-am38-b487-k7bn" }, { "vulnerability": "VCID-bh46-tx2w-8bfq" }, { "vulnerability": "VCID-cxs4-yude-jba3" }, { "vulnerability": "VCID-ek9v-zmf4-u7aw" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-k5jd-24qt-aqc6" }, { "vulnerability": "VCID-mw2s-6zec-8ucb" }, { "vulnerability": "VCID-qh3z-vna7-87h2" }, { "vulnerability": "VCID-qjhw-tswt-m3ak" }, { "vulnerability": "VCID-qtv6-ta8r-pka7" }, { "vulnerability": "VCID-sg7b-evpj-9fdd" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" }, { "vulnerability": "VCID-v4yk-f1rh-efh3" }, { "vulnerability": "VCID-wwqv-tpq5-dqgs" }, { "vulnerability": "VCID-xvve-pj82-mfh6" }, { "vulnerability": "VCID-zvjw-vzvx-6qab" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.3.30%252Bhg15796-1~deb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-19950" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v4yk-f1rh-efh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93900?format=api", "vulnerability_id": "VCID-wwqv-tpq5-dqgs", "summary": "coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a denial of service (floating-point exception and application crash) by crafting an XWD image file, a different vulnerability than CVE-2019-11008 and CVE-2019-11009.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11474", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.86462", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.86472", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.8649", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.86509", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.86519", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.86533", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.8653", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.86525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.8654", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.86545", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0298", "scoring_system": "epss", "scoring_elements": "0.86538", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11474" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11474", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11474" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11474" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wwqv-tpq5-dqgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93875?format=api", "vulnerability_id": "VCID-xvve-pj82-mfh6", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80499", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80467", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80496", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80415", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80421", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80442", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80431", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80461", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80471", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80489", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80474", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11006" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/598/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/598/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11006", "reference_id": "CVE-2019-11006", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11006" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" }, { "reference_url": "https://usn.ubuntu.com/5974-1/", "reference_id": "USN-5974-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5974-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-11006" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xvve-pj82-mfh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/79327?format=api", "vulnerability_id": "VCID-zvjw-vzvx-6qab", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80659", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80668", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80689", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80684", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80713", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80723", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80739", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80725", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80753", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80754", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0144", "scoring_system": "epss", "scoring_elements": "0.80756", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-19951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19953" }, { "reference_url": "https://usn.ubuntu.com/USN-5190-1/", "reference_id": "USN-USN-5190-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-5190-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1036931?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.3.30%2Bhg15796-1~deb9u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-15mv-khzp-fqfk" }, { "vulnerability": "VCID-1m2c-fyc2-2qf3" }, { "vulnerability": "VCID-2e5h-jf8c-dudp" }, { "vulnerability": "VCID-3qad-mewf-8khz" }, { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-4pd9-uv1z-6qfx" }, { "vulnerability": "VCID-5um7-kjwx-a7ft" }, { "vulnerability": "VCID-756j-6ajn-zkcp" }, { "vulnerability": "VCID-am38-b487-k7bn" }, { "vulnerability": "VCID-bh46-tx2w-8bfq" }, { "vulnerability": "VCID-cxs4-yude-jba3" }, { "vulnerability": "VCID-ek9v-zmf4-u7aw" }, { "vulnerability": "VCID-ezcj-2yaf-rfhh" }, { "vulnerability": "VCID-k5jd-24qt-aqc6" }, { "vulnerability": "VCID-mw2s-6zec-8ucb" }, { "vulnerability": "VCID-qh3z-vna7-87h2" }, { "vulnerability": "VCID-qjhw-tswt-m3ak" }, { "vulnerability": "VCID-qtv6-ta8r-pka7" }, { "vulnerability": "VCID-sg7b-evpj-9fdd" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" }, { "vulnerability": "VCID-v4yk-f1rh-efh3" }, { "vulnerability": "VCID-wwqv-tpq5-dqgs" }, { "vulnerability": "VCID-xvve-pj82-mfh6" }, { "vulnerability": "VCID-zvjw-vzvx-6qab" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.3.30%252Bhg15796-1~deb9u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1038031?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.35-1~deb10u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3tbg-j6gv-9ub8" }, { "vulnerability": "VCID-uvjy-tccq-bkhb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" } ], "aliases": [ "CVE-2019-19951" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zvjw-vzvx-6qab" } ], "risk_score": "3.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.35-1~deb10u2" }