Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
Typeapk
Namespacealpine
Nameffmpeg
Version4.0.2-r0
Qualifiers
arch ppc64le
distroversion v3.23
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version4.1-r0
Latest_non_vulnerable_version8.0-r0
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2838-eeg9-2kdy
vulnerability_id VCID-2838-eeg9-2kdy
summary FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory. This attack appear to be exploitable via specially crafted RM file has to be provided as input. This vulnerability appears to have been fixed in a7e032a277452366771951e29fd0bf2bd5c029f0 and later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1999013
reference_id
reference_type
scores
0
value 0.00558
scoring_system epss
scoring_elements 0.68587
published_at 2026-06-04T12:55:00Z
1
value 0.00558
scoring_system epss
scoring_elements 0.68629
published_at 2026-06-07T12:55:00Z
2
value 0.00558
scoring_system epss
scoring_elements 0.68636
published_at 2026-06-06T12:55:00Z
3
value 0.00558
scoring_system epss
scoring_elements 0.68614
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1999013
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
aliases CVE-2018-1999013
risk_score 1.1
exploitability 0.5
weighted_severity 2.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2838-eeg9-2kdy
1
url VCID-3rq4-zhb6-j7dp
vulnerability_id VCID-3rq4-zhb6-j7dp
summary FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. This attack appear to be exploitable via specially crafted PVA file has to be provided as input. This vulnerability appears to have been fixed in 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 and later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1999012
reference_id
reference_type
scores
0
value 0.00586
scoring_system epss
scoring_elements 0.69447
published_at 2026-06-04T12:55:00Z
1
value 0.00586
scoring_system epss
scoring_elements 0.69486
published_at 2026-06-05T12:55:00Z
2
value 0.00586
scoring_system epss
scoring_elements 0.69494
published_at 2026-06-06T12:55:00Z
3
value 0.00586
scoring_system epss
scoring_elements 0.69485
published_at 2026-06-07T12:55:00Z
4
value 0.00586
scoring_system epss
scoring_elements 0.69473
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1999012
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
aliases CVE-2018-1999012
risk_score 0.8
exploitability 0.5
weighted_severity 1.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3rq4-zhb6-j7dp
2
url VCID-4xz4-aj8v-7yfh
vulnerability_id VCID-4xz4-aj8v-7yfh
summary FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1999011
reference_id
reference_type
scores
0
value 0.03891
scoring_system epss
scoring_elements 0.88471
published_at 2026-06-04T12:55:00Z
1
value 0.03891
scoring_system epss
scoring_elements 0.88489
published_at 2026-06-05T12:55:00Z
2
value 0.03891
scoring_system epss
scoring_elements 0.88491
published_at 2026-06-06T12:55:00Z
3
value 0.03891
scoring_system epss
scoring_elements 0.8849
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1999011
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15822
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15822
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999011
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999011
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11338
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11338
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12730
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12730
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9718
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9718
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
aliases CVE-2018-1999011
risk_score 1.3
exploitability 0.5
weighted_severity 2.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4xz4-aj8v-7yfh
3
url VCID-f2km-113u-ebf9
vulnerability_id VCID-f2km-113u-ebf9
summary In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to error_resilience.c, h263dec.c, and mpeg4videodec.c.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-13304
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.52057
published_at 2026-06-04T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.52117
published_at 2026-06-05T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.52127
published_at 2026-06-06T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.52106
published_at 2026-06-07T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.52075
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-13304
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13304
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13304
fixed_packages
0
url pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
aliases CVE-2018-13304
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f2km-113u-ebf9
4
url VCID-npg3-py64-yfb7
vulnerability_id VCID-npg3-py64-yfb7
summary FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1999014
reference_id
reference_type
scores
0
value 0.00498
scoring_system epss
scoring_elements 0.66235
published_at 2026-06-04T12:55:00Z
1
value 0.00498
scoring_system epss
scoring_elements 0.66286
published_at 2026-06-05T12:55:00Z
2
value 0.00498
scoring_system epss
scoring_elements 0.66295
published_at 2026-06-06T12:55:00Z
3
value 0.00498
scoring_system epss
scoring_elements 0.66279
published_at 2026-06-07T12:55:00Z
4
value 0.00498
scoring_system epss
scoring_elements 0.66266
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1999014
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999014
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999014
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
aliases CVE-2018-1999014
risk_score 0.8
exploitability 0.5
weighted_severity 1.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-npg3-py64-yfb7
5
url VCID-pqvf-jhht-vydb
vulnerability_id VCID-pqvf-jhht-vydb
summary In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-13301
reference_id
reference_type
scores
0
value 0.00261
scoring_system epss
scoring_elements 0.49687
published_at 2026-06-04T12:55:00Z
1
value 0.00261
scoring_system epss
scoring_elements 0.4975
published_at 2026-06-05T12:55:00Z
2
value 0.00261
scoring_system epss
scoring_elements 0.4976
published_at 2026-06-06T12:55:00Z
3
value 0.00261
scoring_system epss
scoring_elements 0.49742
published_at 2026-06-07T12:55:00Z
4
value 0.00261
scoring_system epss
scoring_elements 0.49712
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-13301
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13301
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
aliases CVE-2018-13301
risk_score 0.8
exploitability 0.5
weighted_severity 1.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pqvf-jhht-vydb
6
url VCID-t5zg-b95d-3ugp
vulnerability_id VCID-t5zg-b95d-3ugp
summary FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1999010
reference_id
reference_type
scores
0
value 0.01604
scoring_system epss
scoring_elements 0.82057
published_at 2026-06-04T12:55:00Z
1
value 0.01604
scoring_system epss
scoring_elements 0.82087
published_at 2026-06-06T12:55:00Z
2
value 0.01604
scoring_system epss
scoring_elements 0.82089
published_at 2026-06-07T12:55:00Z
3
value 0.01604
scoring_system epss
scoring_elements 0.82082
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1999010
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10001
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12458
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13300
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13302
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14394
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999010
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999012
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999013
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6392
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6621
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7557
12
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
aliases CVE-2018-1999010
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t5zg-b95d-3ugp
7
url VCID-up3f-tvdr-jugc
vulnerability_id VCID-up3f-tvdr-jugc
summary FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1999015
reference_id
reference_type
scores
0
value 0.0061
scoring_system epss
scoring_elements 0.7014
published_at 2026-06-04T12:55:00Z
1
value 0.0061
scoring_system epss
scoring_elements 0.70183
published_at 2026-06-05T12:55:00Z
2
value 0.0061
scoring_system epss
scoring_elements 0.70192
published_at 2026-06-06T12:55:00Z
3
value 0.0061
scoring_system epss
scoring_elements 0.70175
published_at 2026-06-07T12:55:00Z
4
value 0.0061
scoring_system epss
scoring_elements 0.70163
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1999015
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999015
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1999015
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl pkg:apk/alpine/ffmpeg@4.0.2-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community
aliases CVE-2018-1999015
risk_score 1.1
exploitability 0.5
weighted_severity 2.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-up3f-tvdr-jugc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/ffmpeg@4.0.2-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community