Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/5007?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "type": "deb", "namespace": "debian", "name": "libgd2", "version": "2.2.4-2+deb9u5", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "2.3.3-9", "latest_non_vulnerable_version": "2.3.3-9", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7114?format=api", "vulnerability_id": "VCID-1q2y-e3kk-tkhf", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40725", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40803", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40808", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40779", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-38115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38115" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991912", "reference_id": "991912", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=991912" }, { "reference_url": "https://security.archlinux.org/AVG-2258", "reference_id": "AVG-2258", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2258" }, { "reference_url": "https://usn.ubuntu.com/5068-1/", "reference_id": "USN-5068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/807066?format=api", "purl": "pkg:deb/debian/libgd2@2.3.3-9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.3.3-9" } ], "aliases": [ "CVE-2021-38115" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1q2y-e3kk-tkhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76168?format=api", "vulnerability_id": "VCID-2dp1-1n8v-fye9", "summary": "When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11038.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11038.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11038", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.1054", "scoring_system": "epss", "scoring_elements": "0.93397", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.1054", "scoring_system": "epss", "scoring_elements": "0.93408", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.1054", "scoring_system": "epss", "scoring_elements": "0.93409", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11038" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11040" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11041" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13224" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724149", "reference_id": "1724149", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1724149" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821", "reference_id": "929821", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929821" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2519", "reference_id": "RHSA-2019:2519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3299", "reference_id": "RHSA-2019:3299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3299" }, { "reference_url": "https://usn.ubuntu.com/4316-1/", "reference_id": "USN-4316-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4316-1/" }, { "reference_url": "https://usn.ubuntu.com/4316-2/", "reference_id": "USN-4316-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4316-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2019-11038" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2dp1-1n8v-fye9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4160?format=api", "vulnerability_id": "VCID-ah9z-dsuw-4yay", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.87883", "scoring_system": "epss", "scoring_elements": "0.99491", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.87883", "scoring_system": "epss", "scoring_elements": "0.99492", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672207", "reference_id": "1672207", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672207" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645", "reference_id": "920645", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645" }, { "reference_url": "https://security.archlinux.org/AVG-865", "reference_id": "AVG-865", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-865" }, { "reference_url": "https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php", "reference_id": "CVE-2019-6977", "reference_type": "exploit", "scores": [], "url": "https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php", "reference_id": "CVE-2019-6977", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php" }, { "reference_url": "https://security.gentoo.org/glsa/201903-18", "reference_id": "GLSA-201903-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2519", "reference_id": "RHSA-2019:2519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3299", "reference_id": "RHSA-2019:3299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4659", "reference_id": "RHSA-2020:4659", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4659" }, { "reference_url": "https://usn.ubuntu.com/3900-1/", "reference_id": "USN-3900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3900-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2019-6977" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ah9z-dsuw-4yay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4161?format=api", "vulnerability_id": "VCID-f61f-hcan-3kag", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5711.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5711.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5711", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.10274", "scoring_system": "epss", "scoring_elements": "0.93312", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.10274", "scoring_system": "epss", "scoring_elements": "0.933", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.10274", "scoring_system": "epss", "scoring_elements": "0.9331", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.10274", "scoring_system": "epss", "scoring_elements": "0.93311", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11142", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11142" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11143", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11143" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11144", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11144" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16642", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16642" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5711" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5712" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535246", "reference_id": "1535246", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535246" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887485", "reference_id": "887485", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=887485" }, { "reference_url": "https://security.archlinux.org/AVG-865", "reference_id": "AVG-865", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-865" }, { "reference_url": "https://security.gentoo.org/glsa/201903-18", "reference_id": "GLSA-201903-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1296", "reference_id": "RHSA-2018:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1296" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2519", "reference_id": "RHSA-2019:2519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2519" }, { "reference_url": "https://usn.ubuntu.com/3755-1/", "reference_id": "USN-3755-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3755-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2018-5711" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f61f-hcan-3kag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76159?format=api", "vulnerability_id": "VCID-mmz8-qzzx-gkgv", "summary": "Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6362.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6362.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80618", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80594", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80619", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80621", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489842", "reference_id": "1489842", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489842" }, { "reference_url": "https://usn.ubuntu.com/3410-1/", "reference_id": "USN-3410-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3410-1/" }, { "reference_url": "https://usn.ubuntu.com/3410-2/", "reference_id": "USN-3410-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3410-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2017-6362" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmz8-qzzx-gkgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4162?format=api", "vulnerability_id": "VCID-n9rj-dt33-23fq", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000222.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000222.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000222", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00897", "scoring_system": "epss", "scoring_elements": "0.76013", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00897", "scoring_system": "epss", "scoring_elements": "0.76038", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00897", "scoring_system": "epss", "scoring_elements": "0.7603", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-1000222" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000222", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000222" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1621953", "reference_id": "1621953", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1621953" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906886", "reference_id": "906886", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=906886" }, { "reference_url": "https://security.archlinux.org/AVG-865", "reference_id": "AVG-865", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-865" }, { "reference_url": "https://security.gentoo.org/glsa/201903-18", "reference_id": "GLSA-201903-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-18" }, { "reference_url": "https://usn.ubuntu.com/3755-1/", "reference_id": "USN-3755-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3755-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2018-1000222" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n9rj-dt33-23fq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7113?format=api", "vulnerability_id": "VCID-phqx-kavt-n3hh", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40145", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00588", "scoring_system": "epss", "scoring_elements": "0.69522", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00588", "scoring_system": "epss", "scoring_elements": "0.69561", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00588", "scoring_system": "epss", "scoring_elements": "0.69569", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00588", "scoring_system": "epss", "scoring_elements": "0.69559", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40145" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40145", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40145" }, { "reference_url": "https://security.archlinux.org/AVG-2258", "reference_id": "AVG-2258", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2258" }, { "reference_url": "https://usn.ubuntu.com/5068-1/", "reference_id": "USN-5068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/807066?format=api", "purl": "pkg:deb/debian/libgd2@2.3.3-9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.3.3-9" } ], "aliases": [ "CVE-2021-40145" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phqx-kavt-n3hh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4159?format=api", "vulnerability_id": "VCID-s5y9-es4d-ubf4", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6978.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6978.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86719", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86698", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86716", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.8672", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671390", "reference_id": "1671390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671390" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920728", "reference_id": "920728", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920728" }, { "reference_url": "https://security.archlinux.org/AVG-865", "reference_id": "AVG-865", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-865" }, { "reference_url": "https://security.gentoo.org/glsa/201903-18", "reference_id": "GLSA-201903-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2722", "reference_id": "RHSA-2019:2722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3943", "reference_id": "RHSA-2020:3943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4659", "reference_id": "RHSA-2020:4659", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4659" }, { "reference_url": "https://usn.ubuntu.com/3900-1/", "reference_id": "USN-3900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3900-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2019-6978" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s5y9-es4d-ubf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76167?format=api", "vulnerability_id": "VCID-sxpu-ax7r-v3d3", "summary": "gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14553.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14553.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14553", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.77103", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.77134", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.77144", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00979", "scoring_system": "epss", "scoring_elements": "0.77133", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-14553" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14553", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14553" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600727", "reference_id": "1600727", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1600727" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951287", "reference_id": "951287", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951287" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4659", "reference_id": "RHSA-2020:4659", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4659" }, { "reference_url": "https://usn.ubuntu.com/4316-1/", "reference_id": "USN-4316-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4316-1/" }, { "reference_url": "https://usn.ubuntu.com/4316-2/", "reference_id": "USN-4316-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4316-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518710?format=api", "purl": "pkg:deb/debian/libgd2@2.3.0-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.3.0-2" } ], "aliases": [ "CVE-2018-14553" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sxpu-ax7r-v3d3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76162?format=api", "vulnerability_id": "VCID-tw3k-f4zp-pff5", "summary": "In the GD Graphics Library (aka LibGD) through 2.2.5, there is a heap-based buffer over-read in tiffWriter in gd_tiff.c. NOTE: the vendor says \"In my opinion this issue should not have a CVE, since the GD and GD2 formats are documented to be 'obsolete, and should only be used for development and testing purposes.'", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6363", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00422", "scoring_system": "epss", "scoring_elements": "0.62398", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00422", "scoring_system": "epss", "scoring_elements": "0.62444", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00422", "scoring_system": "epss", "scoring_elements": "0.62453", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00422", "scoring_system": "epss", "scoring_elements": "0.62443", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6363" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6363", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6363" }, { "reference_url": "https://usn.ubuntu.com/5068-1/", "reference_id": "USN-5068-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5068-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/518710?format=api", "purl": "pkg:deb/debian/libgd2@2.3.0-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.3.0-2" } ], "aliases": [ "CVE-2017-6363" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tw3k-f4zp-pff5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76164?format=api", "vulnerability_id": "VCID-u49t-hum7-9ffk", "summary": "The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30217", "scoring_system": "epss", "scoring_elements": "0.96779", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.30217", "scoring_system": "epss", "scoring_elements": "0.9677", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.30217", "scoring_system": "epss", "scoring_elements": "0.96774", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.30217", "scoring_system": "epss", "scoring_elements": "0.96778", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473822", "reference_id": "1473822", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473822" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869263", "reference_id": "869263", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0406", "reference_id": "RHSA-2018:0406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1296", "reference_id": "RHSA-2018:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1296" }, { "reference_url": "https://usn.ubuntu.com/3389-1/", "reference_id": "USN-3389-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3389-1/" }, { "reference_url": "https://usn.ubuntu.com/3389-2/", "reference_id": "USN-3389-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3389-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2017-7890" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u49t-hum7-9ffk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7112?format=api", "vulnerability_id": "VCID-vjvh-efm4-wyes", "summary": "multiple issues", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.3377", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33668", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.3375", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33785", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-40812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40812" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/libgd/libgd/commit/6f5136821be86e7068fcdf651ae9420b5d42e9a9", "reference_id": "6f5136821be86e7068fcdf651ae9420b5d42e9a9", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T16:15:07Z/" } ], "url": "https://github.com/libgd/libgd/commit/6f5136821be86e7068fcdf651ae9420b5d42e9a9" }, { "reference_url": "https://github.com/libgd/libgd/issues/750#issuecomment-914872385", "reference_id": "750#issuecomment-914872385", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T16:15:07Z/" } ], "url": "https://github.com/libgd/libgd/issues/750#issuecomment-914872385" }, { "reference_url": "https://security.archlinux.org/AVG-2258", "reference_id": "AVG-2258", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2258" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-30T16:15:07Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00003.html" }, { "reference_url": "https://usn.ubuntu.com/7112-1/", "reference_id": "USN-7112-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7112-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/807066?format=api", "purl": "pkg:deb/debian/libgd2@2.3.3-9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.3.3-9" } ], "aliases": [ "CVE-2021-40812" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vjvh-efm4-wyes" } ], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76155?format=api", "vulnerability_id": "VCID-1gxu-d276-cbhc", "summary": "The gdImageCreate function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (system hang) via an oversized image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9317.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9317.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9317", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0074", "scoring_system": "epss", "scoring_elements": "0.73296", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0074", "scoring_system": "epss", "scoring_elements": "0.73332", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0074", "scoring_system": "epss", "scoring_elements": "0.73338", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0074", "scoring_system": "epss", "scoring_elements": "0.73324", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1417987", "reference_id": "1417987", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1417987" }, { "reference_url": "https://usn.ubuntu.com/3213-1/", "reference_id": "USN-3213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-9317" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1gxu-d276-cbhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76121?format=api", "vulnerability_id": "VCID-2acw-93jf-vub1", "summary": "Stack consumption vulnerability in GD in PHP before 5.6.12 allows remote attackers to cause a denial of service via a crafted imagefilltoborder call.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8874.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04079", "scoring_system": "epss", "scoring_elements": "0.88757", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04079", "scoring_system": "epss", "scoring_elements": "0.88774", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04079", "scoring_system": "epss", "scoring_elements": "0.88773", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1336772", "reference_id": "1336772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1336772" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824627", "reference_id": "824627", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824627" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2987-1/", "reference_id": "USN-2987-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2987-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2015-8874" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2acw-93jf-vub1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76139?format=api", "vulnerability_id": "VCID-51xr-sq24-vqdh", "summary": "The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6905.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01408", "scoring_system": "epss", "scoring_elements": "0.80822", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01408", "scoring_system": "epss", "scoring_elements": "0.80849", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01408", "scoring_system": "epss", "scoring_elements": "0.8085", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01408", "scoring_system": "epss", "scoring_elements": "0.80848", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6905" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1356485", "reference_id": "1356485", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1356485" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6905" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51xr-sq24-vqdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76123?format=api", "vulnerability_id": "VCID-747j-a5t9-jbh2", "summary": "Integer underflow in the _gdContributionsAlloc function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10166.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10166.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10166", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06873", "scoring_system": "epss", "scoring_elements": "0.91531", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.06873", "scoring_system": "epss", "scoring_elements": "0.91544", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.06873", "scoring_system": "epss", "scoring_elements": "0.91546", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.06873", "scoring_system": "epss", "scoring_elements": "0.91543", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418983", "reference_id": "1418983", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418983" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2519", "reference_id": "RHSA-2019:2519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3299", "reference_id": "RHSA-2019:3299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3299" }, { "reference_url": "https://usn.ubuntu.com/3213-1/", "reference_id": "USN-3213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-10166" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-747j-a5t9-jbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76144?format=api", "vulnerability_id": "VCID-9fne-q3yd-zub5", "summary": "Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via large width and height values.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6912.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6912.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65017", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.6506", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65071", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00472", "scoring_system": "epss", "scoring_elements": "0.65059", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1417977", "reference_id": "1417977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1417977" }, { "reference_url": "https://usn.ubuntu.com/3213-1/", "reference_id": "USN-3213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6912" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9fne-q3yd-zub5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76132?format=api", "vulnerability_id": "VCID-9zpe-9dfy-fuh1", "summary": "The output function in gd_gif_out.c in the GD Graphics Library (aka libgd) allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6161.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6161.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.7116", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.71203", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.71209", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00647", "scoring_system": "epss", "scoring_elements": "0.71192", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353550", "reference_id": "1353550", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353550" }, { "reference_url": "https://usn.ubuntu.com/3030-1/", "reference_id": "USN-3030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3030-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6161" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9zpe-9dfy-fuh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76126?format=api", "vulnerability_id": "VCID-agay-5tse-xqbw", "summary": "Integer signedness error in GD Graphics Library 2.1.1 (aka libgd or libgd2) allows remote attackers to cause a denial of service (crash) or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3074.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3074.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3074", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.60488", "scoring_system": "epss", "scoring_elements": "0.98311", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.60488", "scoring_system": "epss", "scoring_elements": "0.98315", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-3074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1321893", "reference_id": "1321893", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1321893" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822242", "reference_id": "822242", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822242" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/39736.txt", "reference_id": "CVE-2016-3074", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/39736.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201607-04", "reference_id": "GLSA-201607-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201607-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2987-1/", "reference_id": "USN-2987-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2987-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4304?format=api", "purl": "pkg:deb/debian/libgd2@2.0.36~rc1~dfsg-6.1%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-3qud-akea-9ugs" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fcm-gw6g-cqdw" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.0.36~rc1~dfsg-6.1%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-3074" ], "risk_score": 5.0, "exploitability": "2.0", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agay-5tse-xqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4160?format=api", "vulnerability_id": "VCID-ah9z-dsuw-4yay", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.87883", "scoring_system": "epss", "scoring_elements": "0.99491", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.87883", "scoring_system": "epss", "scoring_elements": "0.99492", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672207", "reference_id": "1672207", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1672207" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645", "reference_id": "920645", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920645" }, { "reference_url": "https://security.archlinux.org/AVG-865", "reference_id": "AVG-865", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-865" }, { "reference_url": "https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php", "reference_id": "CVE-2019-6977", "reference_type": "exploit", "scores": [], "url": "https://github.com/cfreal/exploits/blob/1a671d1d8510e93a0b2607261e9b779562585fe2/CVE-2019-6977-imagecolormatch/exploit.php" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php", "reference_id": "CVE-2019-6977", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/46677.php" }, { "reference_url": "https://security.gentoo.org/glsa/201903-18", "reference_id": "GLSA-201903-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2519", "reference_id": "RHSA-2019:2519", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2519" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:3299", "reference_id": "RHSA-2019:3299", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:3299" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4659", "reference_id": "RHSA-2020:4659", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4659" }, { "reference_url": "https://usn.ubuntu.com/3900-1/", "reference_id": "USN-3900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3900-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2019-6977" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ah9z-dsuw-4yay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76141?format=api", "vulnerability_id": "VCID-ayrd-pwjy-ryet", "summary": "The read_image_tga function in gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file, related to the decompression buffer.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6906.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6906.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.6386", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.63903", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.6391", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00448", "scoring_system": "epss", "scoring_elements": "0.639", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1435313", "reference_id": "1435313", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1435313" }, { "reference_url": "https://usn.ubuntu.com/3213-1/", "reference_id": "USN-3213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6906" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ayrd-pwjy-ryet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76122?format=api", "vulnerability_id": "VCID-hghm-njcu-audc", "summary": "The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8877.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02317", "scoring_system": "epss", "scoring_elements": "0.85081", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02317", "scoring_system": "epss", "scoring_elements": "0.85105", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02317", "scoring_system": "epss", "scoring_elements": "0.85109", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02317", "scoring_system": "epss", "scoring_elements": "0.85104", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338907", "reference_id": "1338907", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1338907" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/2987-1/", "reference_id": "USN-2987-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2987-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2015-8877" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hghm-njcu-audc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76130?format=api", "vulnerability_id": "VCID-jvzj-485k-4fcw", "summary": "The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6128.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6128.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09006", "scoring_system": "epss", "scoring_elements": "0.92777", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.09006", "scoring_system": "epss", "scoring_elements": "0.92772", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.12098", "scoring_system": "epss", "scoring_elements": "0.9393", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.12098", "scoring_system": "epss", "scoring_elements": "0.93939", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351603", "reference_id": "1351603", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351603" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829062", "reference_id": "829062", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829062" }, { "reference_url": "https://security.gentoo.org/glsa/201612-09", "reference_id": "GLSA-201612-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/3030-1/", "reference_id": "USN-3030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3030-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6128" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jvzj-485k-4fcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6755?format=api", "vulnerability_id": "VCID-k417-e3eb-g7h7", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7568.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7568.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7568", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03421", "scoring_system": "epss", "scoring_elements": "0.87667", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03421", "scoring_system": "epss", "scoring_elements": "0.87689", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03421", "scoring_system": "epss", "scoring_elements": "0.8769", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380450", "reference_id": "1380450", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1380450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839659", "reference_id": "839659", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839659" }, { "reference_url": "https://security.archlinux.org/ASA-201611-19", "reference_id": "ASA-201611-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-19" }, { "reference_url": "https://security.archlinux.org/AVG-58", "reference_id": "AVG-58", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-58" }, { "reference_url": "https://security.gentoo.org/glsa/201612-09", "reference_id": "GLSA-201612-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-09" }, { "reference_url": "https://usn.ubuntu.com/3117-1/", "reference_id": "USN-3117-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3117-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-7568" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k417-e3eb-g7h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76134?format=api", "vulnerability_id": "VCID-mjr6-8pyz-tbbc", "summary": "Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6207.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08719", "scoring_system": "epss", "scoring_elements": "0.92637", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08719", "scoring_system": "epss", "scoring_elements": "0.9265", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.08719", "scoring_system": "epss", "scoring_elements": "0.92646", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08719", "scoring_system": "epss", "scoring_elements": "0.92641", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359800", "reference_id": "1359800", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1359800" }, { "reference_url": "https://security.gentoo.org/glsa/201612-09", "reference_id": "GLSA-201612-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/3060-1/", "reference_id": "USN-3060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3060-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6207" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mjr6-8pyz-tbbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76159?format=api", "vulnerability_id": "VCID-mmz8-qzzx-gkgv", "summary": "Double free vulnerability in the gdImagePngPtr function in libgd2 before 2.2.5 allows remote attackers to cause a denial of service via vectors related to a palette with no colors.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6362.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-6362.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80618", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80594", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80619", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01378", "scoring_system": "epss", "scoring_elements": "0.80621", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-6362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6362" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489842", "reference_id": "1489842", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1489842" }, { "reference_url": "https://usn.ubuntu.com/3410-1/", "reference_id": "USN-3410-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3410-1/" }, { "reference_url": "https://usn.ubuntu.com/3410-2/", "reference_id": "USN-3410-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3410-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2017-6362" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmz8-qzzx-gkgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6752?format=api", "vulnerability_id": "VCID-n7ad-auw3-ffbf", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9933.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9933.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08286", "scoring_system": "epss", "scoring_elements": "0.924", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.08286", "scoring_system": "epss", "scoring_elements": "0.92391", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.08286", "scoring_system": "epss", "scoring_elements": "0.92395", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.08286", "scoring_system": "epss", "scoring_elements": "0.92404", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-9933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9138" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9934" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404723", "reference_id": "1404723", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1404723" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849038", "reference_id": "849038", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849038" }, { "reference_url": "https://security.archlinux.org/ASA-201611-19", "reference_id": "ASA-201611-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-19" }, { "reference_url": "https://security.archlinux.org/AVG-58", "reference_id": "AVG-58", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-58" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1296", "reference_id": "RHSA-2018:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1296" }, { "reference_url": "https://usn.ubuntu.com/3213-1/", "reference_id": "USN-3213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-9933" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n7ad-auw3-ffbf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6754?format=api", "vulnerability_id": "VCID-nhyy-v6r3-4bdm", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8670.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8670.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01746", "scoring_system": "epss", "scoring_elements": "0.82886", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01746", "scoring_system": "epss", "scoring_elements": "0.82912", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01746", "scoring_system": "epss", "scoring_elements": "0.82908", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-8670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391068", "reference_id": "1391068", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1391068" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840805", "reference_id": "840805", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840805" }, { "reference_url": "https://security.archlinux.org/ASA-201611-19", "reference_id": "ASA-201611-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-19" }, { "reference_url": "https://security.archlinux.org/AVG-58", "reference_id": "AVG-58", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-58" }, { "reference_url": "https://usn.ubuntu.com/3117-1/", "reference_id": "USN-3117-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3117-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-8670" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nhyy-v6r3-4bdm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76127?format=api", "vulnerability_id": "VCID-q426-7jze-9fd7", "summary": "gd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5116.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5116.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02396", "scoring_system": "epss", "scoring_elements": "0.85327", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02396", "scoring_system": "epss", "scoring_elements": "0.85351", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02396", "scoring_system": "epss", "scoring_elements": "0.85356", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02396", "scoring_system": "epss", "scoring_elements": "0.8535", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340856", "reference_id": "1340856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340856" }, { "reference_url": "https://usn.ubuntu.com/3030-1/", "reference_id": "USN-3030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3030-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-5116" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q426-7jze-9fd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/4159?format=api", "vulnerability_id": "VCID-s5y9-es4d-ubf4", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6978.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-6978.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86719", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86698", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.86716", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02941", "scoring_system": "epss", "scoring_elements": "0.8672", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-6978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6978" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671390", "reference_id": "1671390", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671390" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920728", "reference_id": "920728", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920728" }, { "reference_url": "https://security.archlinux.org/AVG-865", "reference_id": "AVG-865", "reference_type": "", "scores": [ { "value": "Critical", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-865" }, { "reference_url": "https://security.gentoo.org/glsa/201903-18", "reference_id": "GLSA-201903-18", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201903-18" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:2722", "reference_id": "RHSA-2019:2722", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:2722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:3943", "reference_id": "RHSA-2020:3943", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:3943" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:4659", "reference_id": "RHSA-2020:4659", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:4659" }, { "reference_url": "https://usn.ubuntu.com/3900-1/", "reference_id": "USN-3900-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3900-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2019-6978" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s5y9-es4d-ubf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76131?format=api", "vulnerability_id": "VCID-sj9f-wqdq-3fcu", "summary": "The gdImageCreateFromTgaCtx function in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6132.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6132.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02125", "scoring_system": "epss", "scoring_elements": "0.84471", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02125", "scoring_system": "epss", "scoring_elements": "0.84495", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02125", "scoring_system": "epss", "scoring_elements": "0.84499", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02125", "scoring_system": "epss", "scoring_elements": "0.84492", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1352544", "reference_id": "1352544", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1352544" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829694", "reference_id": "829694", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829694" }, { "reference_url": "https://security.gentoo.org/glsa/201612-09", "reference_id": "GLSA-201612-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-09" }, { "reference_url": "https://usn.ubuntu.com/3060-1/", "reference_id": "USN-3060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3060-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6132" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sj9f-wqdq-3fcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76164?format=api", "vulnerability_id": "VCID-u49t-hum7-9ffk", "summary": "The GIF decoding function gdImageCreateFromGifCtx in gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read ~700 bytes from the top of the stack, potentially disclosing sensitive information.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.30217", "scoring_system": "epss", "scoring_elements": "0.96779", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.30217", "scoring_system": "epss", "scoring_elements": "0.9677", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.30217", "scoring_system": "epss", "scoring_elements": "0.96774", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.30217", "scoring_system": "epss", "scoring_elements": "0.96778", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-7890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7890" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473822", "reference_id": "1473822", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473822" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869263", "reference_id": "869263", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0406", "reference_id": "RHSA-2018:0406", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0406" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1296", "reference_id": "RHSA-2018:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1296" }, { "reference_url": "https://usn.ubuntu.com/3389-1/", "reference_id": "USN-3389-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3389-1/" }, { "reference_url": "https://usn.ubuntu.com/3389-2/", "reference_id": "USN-3389-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3389-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" }, { "url": "http://public2.vulnerablecode.io/api/packages/5616?format=api", "purl": "pkg:deb/debian/libgd2@2.2.5-5.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.5-5.2" } ], "aliases": [ "CVE-2017-7890" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u49t-hum7-9ffk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76137?format=api", "vulnerability_id": "VCID-v6wp-snfa-kyfk", "summary": "gd_tga.c in the GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6214.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6214.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02222", "scoring_system": "epss", "scoring_elements": "0.84805", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02222", "scoring_system": "epss", "scoring_elements": "0.84829", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02222", "scoring_system": "epss", "scoring_elements": "0.84833", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02222", "scoring_system": "epss", "scoring_elements": "0.84827", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1356466", "reference_id": "1356466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1356466" }, { "reference_url": "https://usn.ubuntu.com/3060-1/", "reference_id": "USN-3060-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3060-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6214" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6wp-snfa-kyfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76115?format=api", "vulnerability_id": "VCID-wdcy-9v3g-xqaz", "summary": "gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7456.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7456.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01328", "scoring_system": "epss", "scoring_elements": "0.80272", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01328", "scoring_system": "epss", "scoring_elements": "0.80298", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01328", "scoring_system": "epss", "scoring_elements": "0.80301", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01328", "scoring_system": "epss", "scoring_elements": "0.80297", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5095", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5095" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340433", "reference_id": "1340433", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1340433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://usn.ubuntu.com/3030-1/", "reference_id": "USN-3030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3030-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2013-7456" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdcy-9v3g-xqaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76128?format=api", "vulnerability_id": "VCID-x4mv-43g5-nke4", "summary": "Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5766.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5766.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16232", "scoring_system": "epss", "scoring_elements": "0.94938", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.18313", "scoring_system": "epss", "scoring_elements": "0.95345", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.18313", "scoring_system": "epss", "scoring_elements": "0.95347", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.18313", "scoring_system": "epss", "scoring_elements": "0.95349", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6128" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6161" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6214" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6905" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351068", "reference_id": "1351068", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1351068" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829014", "reference_id": "829014", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=829014" }, { "reference_url": "https://security.gentoo.org/glsa/201612-09", "reference_id": "GLSA-201612-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2598", "reference_id": "RHSA-2016:2598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2750", "reference_id": "RHSA-2016:2750", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2750" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5443", "reference_id": "RHSA-2020:5443", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5443" }, { "reference_url": "https://usn.ubuntu.com/3030-1/", "reference_id": "USN-3030-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3030-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-5766" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4mv-43g5-nke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6757?format=api", "vulnerability_id": "VCID-xg2k-447u-v3a7", "summary": "multiple issues", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.71034", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70985", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.71017", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.71027", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-6911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7568" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8670" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388787", "reference_id": "1388787", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1388787" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840806", "reference_id": "840806", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=840806" }, { "reference_url": "https://security.archlinux.org/ASA-201611-19", "reference_id": "ASA-201611-19", "reference_type": "", "scores": [], "url": "https://security.archlinux.org/ASA-201611-19" }, { "reference_url": "https://security.archlinux.org/AVG-58", "reference_id": "AVG-58", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-58" }, { "reference_url": "https://usn.ubuntu.com/3117-1/", "reference_id": "USN-3117-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3117-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-6911" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xg2k-447u-v3a7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76125?format=api", "vulnerability_id": "VCID-ycsd-7h8w-z3dc", "summary": "Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10168.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10168.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.70019", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.7006", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.70069", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.70051", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:P/I:P/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418986", "reference_id": "1418986", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418986" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3221", "reference_id": "RHSA-2017:3221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1296", "reference_id": "RHSA-2018:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1296" }, { "reference_url": "https://usn.ubuntu.com/3213-1/", "reference_id": "USN-3213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-10168" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ycsd-7h8w-z3dc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76124?format=api", "vulnerability_id": "VCID-zmw1-xfeg-ufhv", "summary": "The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10167.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10167.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10167", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72384", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72426", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72432", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72413", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10166" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10167" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9317" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "1.9", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:P" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418984", "reference_id": "1418984", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1418984" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:3221", "reference_id": "RHSA-2017:3221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2017:3221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1296", "reference_id": "RHSA-2018:1296", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:1296" }, { "reference_url": "https://usn.ubuntu.com/3213-1/", "reference_id": "USN-3213-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3213-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/4306?format=api", "purl": "pkg:deb/debian/libgd2@2.1.0-5%2Bdeb8u11", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1gxu-d276-cbhc" }, { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2acw-93jf-vub1" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-51xr-sq24-vqdh" }, { "vulnerability": "VCID-747j-a5t9-jbh2" }, { "vulnerability": "VCID-9fne-q3yd-zub5" }, { "vulnerability": "VCID-9zpe-9dfy-fuh1" }, { "vulnerability": "VCID-agay-5tse-xqbw" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-ayrd-pwjy-ryet" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-hghm-njcu-audc" }, { "vulnerability": "VCID-jvzj-485k-4fcw" }, { "vulnerability": "VCID-k417-e3eb-g7h7" }, { "vulnerability": "VCID-mjr6-8pyz-tbbc" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n7ad-auw3-ffbf" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-nhyy-v6r3-4bdm" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-q426-7jze-9fd7" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sj9f-wqdq-3fcu" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-v6wp-snfa-kyfk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" }, { "vulnerability": "VCID-wdcy-9v3g-xqaz" }, { "vulnerability": "VCID-x4mv-43g5-nke4" }, { "vulnerability": "VCID-xg2k-447u-v3a7" }, { "vulnerability": "VCID-ycsd-7h8w-z3dc" }, { "vulnerability": "VCID-zmw1-xfeg-ufhv" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.1.0-5%252Bdeb8u11" }, { "url": "http://public2.vulnerablecode.io/api/packages/5007?format=api", "purl": "pkg:deb/debian/libgd2@2.2.4-2%2Bdeb9u5", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1q2y-e3kk-tkhf" }, { "vulnerability": "VCID-2dp1-1n8v-fye9" }, { "vulnerability": "VCID-ah9z-dsuw-4yay" }, { "vulnerability": "VCID-f61f-hcan-3kag" }, { "vulnerability": "VCID-mmz8-qzzx-gkgv" }, { "vulnerability": "VCID-n9rj-dt33-23fq" }, { "vulnerability": "VCID-phqx-kavt-n3hh" }, { "vulnerability": "VCID-s5y9-es4d-ubf4" }, { "vulnerability": "VCID-sxpu-ax7r-v3d3" }, { "vulnerability": "VCID-tw3k-f4zp-pff5" }, { "vulnerability": "VCID-u49t-hum7-9ffk" }, { "vulnerability": "VCID-vjvh-efm4-wyes" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" } ], "aliases": [ "CVE-2016-10167" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zmw1-xfeg-ufhv" } ], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgd2@2.2.4-2%252Bdeb9u5" }