Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/187286?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/187286?format=api", "purl": "pkg:rpm/redhat/kdegraphics@7:3.1.3-3?arch=10", "type": "rpm", "namespace": "redhat", "name": "kdegraphics", "version": "7:3.1.3-3", "qualifiers": { "arch": "10" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102710?format=api", "vulnerability_id": "VCID-5ev1-3p3b-2bhw", "summary": "TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to pass numeric range checks and possibly execute code, and trigger assert errors, via large offset values in a TIFF directory that lead to an integer overflow and other unspecified vectors involving \"unchecked arithmetic operations\".", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3464.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3464.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01257", "scoring_system": "epss", "scoring_elements": "0.7972", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01257", "scoring_system": "epss", "scoring_elements": "0.79746", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3464" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111", "reference_id": "199111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111" }, { "reference_url": "https://security.gentoo.org/glsa/200608-07", "reference_id": "GLSA-200608-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0603", "reference_id": "RHSA-2006:0603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/330-1/", "reference_id": "USN-330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/330-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3464" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ev1-3p3b-2bhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102693?format=api", "vulnerability_id": "VCID-8fqg-6vqy-q3gc", "summary": "Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in (1) the TIFFFetchAnyArray function in (a) tif_dirread.c; (2) certain \"codec cleanup methods\" in (b) tif_lzw.c, (c) tif_pixarlog.c, and (d) tif_zip.c; (3) and improper restoration of setfield and getfield methods in cleanup functions within (e) tif_jpeg.c, tif_pixarlog.c, (f) tif_fax3.c, and tif_zip.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2024.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2024.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14948", "scoring_system": "epss", "scoring_elements": "0.94683", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.14948", "scoring_system": "epss", "scoring_elements": "0.94692", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2024" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618083", "reference_id": "1618083", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618083" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27762.txt", "reference_id": "CVE-2006-2024;OSVDB-25018", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27762.txt" }, { "reference_url": "https://www.securityfocus.com/bid/17730/info", "reference_id": "CVE-2006-2024;OSVDB-25018", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/17730/info" }, { "reference_url": "https://security.gentoo.org/glsa/200605-17", "reference_id": "GLSA-200605-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200605-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0425", "reference_id": "RHSA-2006:0425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/277-1/", "reference_id": "USN-277-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/277-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-2024" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8fqg-6vqy-q3gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102709?format=api", "vulnerability_id": "VCID-bsga-3u4w-g7ek", "summary": "The EstimateStripByteCounts function in TIFF library (libtiff) before 3.8.2 uses a 16-bit unsigned short when iterating over an unsigned 32-bit value, which allows context-dependent attackers to cause a denial of service via a large td_nstrips value, which triggers an infinite loop.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3463.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3463.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.88068", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03648", "scoring_system": "epss", "scoring_elements": "0.88089", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3463" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111", "reference_id": "199111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111" }, { "reference_url": "https://security.gentoo.org/glsa/200608-07", "reference_id": "GLSA-200608-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0603", "reference_id": "RHSA-2006:0603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/330-1/", "reference_id": "USN-330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/330-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3463" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsga-3u4w-g7ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102694?format=api", "vulnerability_id": "VCID-h3w5-akuc-uucj", "summary": "Integer overflow in the TIFFFetchData function in tif_dirread.c for libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted TIFF image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2025.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2025.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0744", "scoring_system": "epss", "scoring_elements": "0.91894", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0744", "scoring_system": "epss", "scoring_elements": "0.91907", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2025" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618084", "reference_id": "1618084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618084" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27764.txt", "reference_id": "CVE-2006-2025;OSVDB-25019", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27764.txt" }, { "reference_url": "https://www.securityfocus.com/bid/17732/info", "reference_id": "CVE-2006-2025;OSVDB-25019", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/17732/info" }, { "reference_url": "https://security.gentoo.org/glsa/200605-17", "reference_id": "GLSA-200605-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200605-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0425", "reference_id": "RHSA-2006:0425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/277-1/", "reference_id": "USN-277-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/277-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-2025" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h3w5-akuc-uucj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102697?format=api", "vulnerability_id": "VCID-mp1n-rysy-5yeu", "summary": "Double free vulnerability in tif_jpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to \"setfield/getfield methods in cleanup functions.\"", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2026.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-2026.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2026", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10273", "scoring_system": "epss", "scoring_elements": "0.93299", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.10273", "scoring_system": "epss", "scoring_elements": "0.93311", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-2026" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2026" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618085", "reference_id": "1618085", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618085" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27765.txt", "reference_id": "CVE-2006-2026;OSVDB-25020", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/27765.txt" }, { "reference_url": "https://www.securityfocus.com/bid/17733/info", "reference_id": "CVE-2006-2026;OSVDB-25020", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/17733/info" }, { "reference_url": "https://security.gentoo.org/glsa/200605-17", "reference_id": "GLSA-200605-17", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200605-17" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0425", "reference_id": "RHSA-2006:0425", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0425" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/277-1/", "reference_id": "USN-277-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/277-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-2026" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mp1n-rysy-5yeu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102711?format=api", "vulnerability_id": "VCID-q1qd-rz22-6bce", "summary": "Unspecified vulnerability in the custom tag support for the TIFF library (libtiff) before 3.8.2 allows remote attackers to cause a denial of service (instability or crash) and execute arbitrary code via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3465.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3465.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3465", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.14381", "scoring_system": "epss", "scoring_elements": "0.94544", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.14381", "scoring_system": "epss", "scoring_elements": "0.94552", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3465" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3465" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111", "reference_id": "199111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111" }, { "reference_url": "https://security.gentoo.org/glsa/200608-07", "reference_id": "GLSA-200608-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0603", "reference_id": "RHSA-2006:0603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/330-1/", "reference_id": "USN-330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/330-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3465" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q1qd-rz22-6bce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102708?format=api", "vulnerability_id": "VCID-t8jy-sjyh-rya3", "summary": "Heap-based buffer overflow in the NeXT RLE decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors involving decoding large RLE images.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3462.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3462.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01873", "scoring_system": "epss", "scoring_elements": "0.83463", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01873", "scoring_system": "epss", "scoring_elements": "0.83488", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3462" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111", "reference_id": "199111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111" }, { "reference_url": "https://security.gentoo.org/glsa/200608-07", "reference_id": "GLSA-200608-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0603", "reference_id": "RHSA-2006:0603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/330-1/", "reference_id": "USN-330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/330-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3462" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8jy-sjyh-rya3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102706?format=api", "vulnerability_id": "VCID-up7j-sscy-q3e3", "summary": "Heap-based buffer overflow in the JPEG decoder in the TIFF library (libtiff) before 3.8.2 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via an encoded JPEG stream that is longer than the scan line size (TiffScanLineSize).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3460.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3460.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00835", "scoring_system": "epss", "scoring_elements": "0.74989", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00835", "scoring_system": "epss", "scoring_elements": "0.75018", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3460" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111", "reference_id": "199111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111" }, { "reference_url": "https://security.gentoo.org/glsa/200608-07", "reference_id": "GLSA-200608-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0603", "reference_id": "RHSA-2006:0603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/330-1/", "reference_id": "USN-330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/330-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3460" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-up7j-sscy-q3e3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102704?format=api", "vulnerability_id": "VCID-vxvp-9jaw-4ka8", "summary": "Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3459.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3459.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.687", "scoring_system": "epss", "scoring_elements": "0.98637", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.687", "scoring_system": "epss", "scoring_elements": "0.98638", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3459" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111", "reference_id": "199111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16862.rb", "reference_id": "CVE-2006-3459;OSVDB-27723", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16862.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16868.rb", "reference_id": "CVE-2006-3459;OSVDB-27723", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16868.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16869.rb", "reference_id": "CVE-2006-3459;OSVDB-27723", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/hardware/remote/16869.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/21868.rb", "reference_id": "CVE-2010-0188;OSVDB-27723;CVE-2006-3459", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/21868.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/21869.rb", "reference_id": "CVE-2010-0188;OSVDB-27723;CVE-2006-3459", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/ios/remote/21869.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11787.py", "reference_id": "CVE-2010-0188;OSVDB-62526;CVE-2006-3459;OSVDB-27723", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/11787.py" }, { "reference_url": "https://security.gentoo.org/glsa/200608-07", "reference_id": "GLSA-200608-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0603", "reference_id": "RHSA-2006:0603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/330-1/", "reference_id": "USN-330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/330-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3459" ], "risk_score": 1.2, "exploitability": "2.0", "weighted_severity": "0.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxvp-9jaw-4ka8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/102707?format=api", "vulnerability_id": "VCID-yhcx-mmhn-83em", "summary": "Heap-based buffer overflow in the PixarLog decoder in the TIFF library (libtiff) before 3.8.2 might allow context-dependent attackers to execute arbitrary code via unknown vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3461.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-3461.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0369", "scoring_system": "epss", "scoring_elements": "0.88144", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0369", "scoring_system": "epss", "scoring_elements": "0.88164", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2006-3461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111", "reference_id": "199111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=199111" }, { "reference_url": "https://security.gentoo.org/glsa/200608-07", "reference_id": "GLSA-200608-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/200608-07" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0603", "reference_id": "RHSA-2006:0603", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0603" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2006:0648", "reference_id": "RHSA-2006:0648", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2006:0648" }, { "reference_url": "https://usn.ubuntu.com/330-1/", "reference_id": "USN-330-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/330-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2006-3461" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yhcx-mmhn-83em" } ], "fixing_vulnerabilities": [], "risk_score": "1.2", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/kdegraphics@7:3.1.3-3%3Farch=10" }