Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/189372?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "type": "ebuild", "namespace": "media-libs", "name": "freetype", "version": "2.4.9", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.4.11", "latest_non_vulnerable_version": "2.13.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2266?format=api", "vulnerability_id": "VCID-2yvb-7w2n-ybhg", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1131.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1131.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1131", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1131" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589", "reference_id": "800589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800589" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131", "reference_id": "CVE-2012-1131", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1131" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1131" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2yvb-7w2n-ybhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2263?format=api", "vulnerability_id": "VCID-31q8-w6bh-zuey", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1128.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1128.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02697", "scoring_system": "epss", "scoring_elements": "0.86154", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02697", "scoring_system": "epss", "scoring_elements": "0.86175", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02697", "scoring_system": "epss", "scoring_elements": "0.86177", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02697", "scoring_system": "epss", "scoring_elements": "0.86173", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1128" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584", "reference_id": "800584", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800584" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128", "reference_id": "CVE-2012-1128", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1128" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1128" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-31q8-w6bh-zuey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2262?format=api", "vulnerability_id": "VCID-6jeb-n9un-3qhd", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1127.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1127.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1127", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1127" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583", "reference_id": "800583", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800583" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127", "reference_id": "CVE-2012-1127", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1127" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1127" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6jeb-n9un-3qhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2265?format=api", "vulnerability_id": "VCID-79xr-2yux-37ea", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1130.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1130.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1130", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1130" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587", "reference_id": "800587", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800587" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130", "reference_id": "CVE-2012-1130", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1130" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1130" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-79xr-2yux-37ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2270?format=api", "vulnerability_id": "VCID-8sk7-1vxp-9bgd", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1135.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1135.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87862", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87883", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87885", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87886", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1135" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593", "reference_id": "800593", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800593" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135", "reference_id": "CVE-2012-1135", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1135" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1135" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sk7-1vxp-9bgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2273?format=api", "vulnerability_id": "VCID-aswe-3g48-wfgm", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1138.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1138.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1138", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87862", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87883", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87885", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87886", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1138" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597", "reference_id": "800597", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138", "reference_id": "CVE-2012-1138", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1138" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1138" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aswe-3g48-wfgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2268?format=api", "vulnerability_id": "VCID-e4yc-a8j8-mqfq", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1133.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1133.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87862", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87883", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87885", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87886", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1133" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591", "reference_id": "800591", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800591" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133", "reference_id": "CVE-2012-1133", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1133" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1133" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e4yc-a8j8-mqfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2264?format=api", "vulnerability_id": "VCID-fe3g-ww6q-hqa8", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1129.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1129.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1129", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1129" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585", "reference_id": "800585", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129", "reference_id": "CVE-2012-1129", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1129" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1129" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fe3g-ww6q-hqa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2272?format=api", "vulnerability_id": "VCID-g8bk-9bsd-p7bk", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1137.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1137.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1137" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595", "reference_id": "800595", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800595" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137", "reference_id": "CVE-2012-1137", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1137" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1137" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8bk-9bsd-p7bk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2261?format=api", "vulnerability_id": "VCID-jqjv-gjbe-dbfg", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1126.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1126.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1126", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.87032", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.87054", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.87052", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03091", "scoring_system": "epss", "scoring_elements": "0.87046", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1126" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581", "reference_id": "800581", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800581" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126", "reference_id": "CVE-2012-1126", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1126" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1126" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jqjv-gjbe-dbfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2276?format=api", "vulnerability_id": "VCID-kemx-zuam-uqab", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1141.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1141.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1141", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1141" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602", "reference_id": "800602", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141", "reference_id": "CVE-2012-1141", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1141" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1141" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kemx-zuam-uqab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2271?format=api", "vulnerability_id": "VCID-kwd7-sv6y-eyh8", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1136.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1136.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1136", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04956", "scoring_system": "epss", "scoring_elements": "0.89835", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04956", "scoring_system": "epss", "scoring_elements": "0.89851", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.04956", "scoring_system": "epss", "scoring_elements": "0.89852", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04956", "scoring_system": "epss", "scoring_elements": "0.89849", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1136" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594", "reference_id": "800594", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800594" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136", "reference_id": "CVE-2012-1136", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1136" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1136" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kwd7-sv6y-eyh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2267?format=api", "vulnerability_id": "VCID-psxs-t1t2-bkba", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1132.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1132.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1132" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590", "reference_id": "800590", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800590" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132", "reference_id": "CVE-2012-1132", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1132" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1132" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psxs-t1t2-bkba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2274?format=api", "vulnerability_id": "VCID-r47y-we15-pqg3", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1139.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1139.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1139", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1139" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598", "reference_id": "800598", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139", "reference_id": "CVE-2012-1139", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1139" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1139" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r47y-we15-pqg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2275?format=api", "vulnerability_id": "VCID-tvvd-q7nw-eyey", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1140.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.8678", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86778", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02967", "scoring_system": "epss", "scoring_elements": "0.86775", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1140" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600", "reference_id": "800600", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140", "reference_id": "CVE-2012-1140", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1140" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1140" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvvd-q7nw-eyey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2279?format=api", "vulnerability_id": "VCID-vx31-mywv-1fhr", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1144.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1144.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1144", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87862", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87883", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87885", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.03525", "scoring_system": "epss", "scoring_elements": "0.87886", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1144" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607", "reference_id": "800607", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800607" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144", "reference_id": "CVE-2012-1144", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1144" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1144" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vx31-mywv-1fhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2277?format=api", "vulnerability_id": "VCID-xxs6-891m-t3bm", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1142.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1142.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1142", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04956", "scoring_system": "epss", "scoring_elements": "0.89835", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04956", "scoring_system": "epss", "scoring_elements": "0.89851", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.04956", "scoring_system": "epss", "scoring_elements": "0.89852", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04956", "scoring_system": "epss", "scoring_elements": "0.89849", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1142" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604", "reference_id": "800604", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800604" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142", "reference_id": "CVE-2012-1142", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1142" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1142" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xxs6-891m-t3bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2269?format=api", "vulnerability_id": "VCID-z2q3-ejur-8uhb", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1134.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1134.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05858", "scoring_system": "epss", "scoring_elements": "0.90723", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05858", "scoring_system": "epss", "scoring_elements": "0.90736", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.05858", "scoring_system": "epss", "scoring_elements": "0.90733", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1134" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592", "reference_id": "800592", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800592" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134", "reference_id": "CVE-2012-1134", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1134" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1134" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2q3-ejur-8uhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/2278?format=api", "vulnerability_id": "VCID-z66j-hvpb-9ydk", "summary": "Mateusz Jurczyk of the Google Security Team used the Address\nSanitizer tool to discover a series of memory safety bugs in the FreeType\nlibrary, some of which could cause memory corruption and exploitable crashes\nwith certain fonts and font parsing. Firefox Mobile has been upgraded to\nFreeType version 2.4.9 which addresses these issues. Desktop Firefox does not\nuse Freetype for fonts and was not affected.\nOn Linux systems, Firefox will use the installed system library for FreeType. Linux users should make sure they are current on system security updates.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1143.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1143.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1143", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02148", "scoring_system": "epss", "scoring_elements": "0.8455", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02148", "scoring_system": "epss", "scoring_elements": "0.84575", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02148", "scoring_system": "epss", "scoring_elements": "0.84579", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-1143" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864", "reference_id": "662864", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606", "reference_id": "800606", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=800606" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143", "reference_id": "CVE-2012-1143", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1143" }, { "reference_url": "https://security.gentoo.org/glsa/201204-04", "reference_id": "GLSA-201204-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201204-04" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21", "reference_id": "mfsa2012-21", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2012-21" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2012:0467", "reference_id": "RHSA-2012:0467", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2012:0467" }, { "reference_url": "https://usn.ubuntu.com/1403-1/", "reference_id": "USN-1403-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1403-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/189372?format=api", "purl": "pkg:ebuild/media-libs/freetype@2.4.9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" } ], "aliases": [ "CVE-2012-1143" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z66j-hvpb-9ydk" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:ebuild/media-libs/freetype@2.4.9" }