Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/924361?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "graphicsmagick", "version": "1.4~hg15968-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.4~hg15976-1", "latest_non_vulnerable_version": "1.4+really1.3.46-2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93904?format=api", "vulnerability_id": "VCID-4pd9-uv1z-6qfx", "summary": "In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WriteMATLABImage of coders/mat.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to ExportRedQuantumType in magick/export.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11506", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.80983", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.80992", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81015", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81014", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81042", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81049", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81066", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81053", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81045", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81083", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81084", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01488", "scoring_system": "epss", "scoring_elements": "0.81081", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11506" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11506", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11506" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924306?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924304?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.40-4%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924308?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.45%2Bhg17696-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.45%252Bhg17696-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924307?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.46-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.46-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11506" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4pd9-uv1z-6qfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93874?format=api", "vulnerability_id": "VCID-bh46-tx2w-8bfq", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buffer overflow in the function SVGStartElement of coders/svg.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a quoted font family value.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84622", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.846", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.8462", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84522", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84537", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84559", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84562", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84584", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.8459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84609", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02255", "scoring_system": "epss", "scoring_elements": "0.84604", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11005" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/600/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/600/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11005", "reference_id": "CVE-2019-11005", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11005" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924306?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924304?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.40-4%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924308?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.45%2Bhg17696-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.45%252Bhg17696-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924307?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.46-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.46-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11005" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bh46-tx2w-8bfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93903?format=api", "vulnerability_id": "VCID-cxs4-yude-jba3", "summary": "In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, there is a heap-based buffer overflow in the function WritePDBImage of coders/pdb.c, which allows an attacker to cause a denial of service or possibly have unspecified other impact via a crafted image file. This is related to MagickBitStreamMSBWrite in magick/bit_stream.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11505", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.7827", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78187", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78196", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78226", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78208", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78235", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.7824", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78265", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78248", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78244", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78275", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01121", "scoring_system": "epss", "scoring_elements": "0.78273", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11505" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11505", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11505" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924306?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924304?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.40-4%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924308?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.45%2Bhg17696-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.45%252Bhg17696-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924307?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.46-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.46-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11505" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cxs4-yude-jba3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93879?format=api", "vulnerability_id": "VCID-ek9v-zmf4-u7aw", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in the function ReadMPCImage of coders/mpc.c, which allows attackers to cause a denial of service via a crafted image file.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/a348d9661019", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/a348d9661019" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.6964", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69592", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69631", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69526", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69537", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69553", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69532", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69582", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69599", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69621", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00605", "scoring_system": "epss", "scoring_elements": "0.69606", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11010" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/601/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/601/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11010", "reference_id": "CVE-2019-11010", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:N/A:P" }, { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11010" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924306?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924304?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.40-4%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924308?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.45%2Bhg17696-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.45%252Bhg17696-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924307?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.46-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.46-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11010" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ek9v-zmf4-u7aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93878?format=api", "vulnerability_id": "VCID-k5jd-24qt-aqc6", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadXWDImage of coders/xwd.c, which allows attackers to cause a denial of service or information disclosure via a crafted image file.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/7cff2b1792de", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/7cff2b1792de" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79967", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79936", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79964", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79888", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79895", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79916", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79903", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79932", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79941", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79961", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01329", "scoring_system": "epss", "scoring_elements": "0.79944", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11009" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/597/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/597/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11009", "reference_id": "CVE-2019-11009", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11009" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924306?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924304?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.40-4%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924308?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.45%2Bhg17696-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.45%252Bhg17696-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924307?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.46-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.46-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11009" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k5jd-24qt-aqc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93876?format=api", "vulnerability_id": "VCID-mw2s-6zec-8ucb", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the ReadMNGImage function of coders/png.c, which allows attackers to cause a denial of service or information disclosure via an image colormap.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/40fc71472b98", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/40fc71472b98" }, { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/86a9295e7c83", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/86a9295e7c83" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84115", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84113", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84019", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84033", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84049", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84052", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84075", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84082", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84099", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84093", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.84088", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02106", "scoring_system": "epss", "scoring_elements": "0.8411", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11007" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/596/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/596/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11007", "reference_id": "CVE-2019-11007", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:P" }, { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11007" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924306?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924304?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.40-4%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924308?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.45%2Bhg17696-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.45%252Bhg17696-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924307?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.46-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.46-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11007" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mw2s-6zec-8ucb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93877?format=api", "vulnerability_id": "VCID-qjhw-tswt-m3ak", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer overflow in the function WriteXWDImage of coders/xwd.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00006.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00010.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00020.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00021.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00055.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11008", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84028", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84024", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84026", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83932", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83946", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83962", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83964", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83987", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.83994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84009", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84004", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02084", "scoring_system": "epss", "scoring_elements": "0.84", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11008" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/599/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/599/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11008", "reference_id": "CVE-2019-11008", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11008" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924306?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924304?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.40-4%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924308?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.45%2Bhg17696-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.45%252Bhg17696-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924307?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.46-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.46-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11008" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qjhw-tswt-m3ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93875?format=api", "vulnerability_id": "VCID-xvve-pj82-mfh6", "summary": "In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buffer over-read in the function ReadMIFFImage of coders/miff.c, which allows attackers to cause a denial of service or information disclosure via an RLE packet.", "references": [ { "reference_url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00093.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00107.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80499", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80467", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80496", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80415", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80421", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80442", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80431", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80461", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80471", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80489", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01406", "scoring_system": "epss", "scoring_elements": "0.80474", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-11006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11006" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00015.html" }, { "reference_url": "https://sourceforge.net/p/graphicsmagick/bugs/598/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://sourceforge.net/p/graphicsmagick/bugs/598/" }, { "reference_url": "https://www.debian.org/security/2020/dsa-4640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.debian.org/security/2020/dsa-4640" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029", "reference_id": "927029", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927029" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:graphicsmagick:graphicsmagick:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11006", "reference_id": "CVE-2019-11006", "reference_type": "", "scores": [ { "value": "6.4", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:P" }, { "value": "9.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11006" }, { "reference_url": "https://usn.ubuntu.com/4207-1/", "reference_id": "USN-4207-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4207-1/" }, { "reference_url": "https://usn.ubuntu.com/5974-1/", "reference_id": "USN-5974-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5974-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/924361?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4~hg15968-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924306?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.36%2Bhg16481-2%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.36%252Bhg16481-2%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924304?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.40-4%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.40-4%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924308?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.45%2Bhg17696-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.45%252Bhg17696-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/924307?format=api", "purl": "pkg:deb/debian/graphicsmagick@1.4%2Breally1.3.46-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4%252Breally1.3.46-2%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-11006" ], "risk_score": 4.1, "exploitability": "0.5", "weighted_severity": "8.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xvve-pj82-mfh6" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/graphicsmagick@1.4~hg15968-1%3Fdistro=trixie" }