Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie

Type deb

Namespace debian

Name libwebp

Version 0.6.1-2.1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 0.6.1-2.1+deb11u1

Latest_non_vulnerable_version 1.5.0-0.1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-6z14-frdw-r3dh

vulnerability_id VCID-6z14-frdw-r3dh

summary libwebp: out-of-bounds read in ApplyFilter()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25010.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25010.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-25010

reference_id

reference_type

scores

value	0.0051
scoring_system	epss
scoring_elements	0.66315
published_at	2026-04-01T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66354
published_at	2026-04-02T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66381
published_at	2026-04-04T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.6635
published_at	2026-04-07T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66399
published_at	2026-04-08T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66412
published_at	2026-04-09T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66433
published_at	2026-04-11T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.6642
published_at	2026-04-12T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.6639
published_at	2026-04-13T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66426
published_at	2026-04-16T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66442
published_at	2026-04-18T12:55:00Z

value	0.0051
scoring_system	epss
scoring_elements	0.66428
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956918
reference_id	1956918
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956918

reference_url	https://access.redhat.com/errata/RHSA-2021:4231
reference_id	RHSA-2021:4231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4231

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2018-25010

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6z14-frdw-r3dh

url VCID-8nht-54x7-gqf1

vulnerability_id VCID-8nht-54x7-gqf1

summary libwebp: excessive memory allocation when reading a file

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36332.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36332.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36332

reference_id

reference_type

scores

value	0.00818
scoring_system	epss
scoring_elements	0.74303
published_at	2026-04-01T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74307
published_at	2026-04-07T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74334
published_at	2026-04-04T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.7434
published_at	2026-04-08T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74355
published_at	2026-04-09T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74377
published_at	2026-04-11T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74357
published_at	2026-04-12T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74349
published_at	2026-04-13T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74385
published_at	2026-04-16T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74394
published_at	2026-04-18T12:55:00Z

value	0.00818
scoring_system	epss
scoring_elements	0.74386
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36332

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956868
reference_id	1956868
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956868

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-36332
reference_id	CVE-2020-36332
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-36332

reference_url	https://access.redhat.com/errata/RHSA-2021:4231
reference_id	RHSA-2021:4231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4231

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2020-36332

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8nht-54x7-gqf1

url VCID-9jcb-yrmd-7uen

vulnerability_id VCID-9jcb-yrmd-7uen

summary libwebp: heap-based buffer overflow in WebPDecode*Into functions

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36328.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36328.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36328

reference_id

reference_type

scores

value	0.00527
scoring_system	epss
scoring_elements	0.66988
published_at	2026-04-01T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67026
published_at	2026-04-02T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.6705
published_at	2026-04-04T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67025
published_at	2026-04-07T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67074
published_at	2026-04-08T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67087
published_at	2026-04-09T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67106
published_at	2026-04-11T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67092
published_at	2026-04-12T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67061
published_at	2026-04-13T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67094
published_at	2026-04-16T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67108
published_at	2026-04-18T12:55:00Z

value	0.00527
scoring_system	epss
scoring_elements	0.67089
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956829
reference_id	1956829
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956829

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-36328
reference_id	CVE-2020-36328
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-36328

reference_url	https://access.redhat.com/errata/RHSA-2021:2260
reference_id	RHSA-2021:2260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2260

reference_url	https://access.redhat.com/errata/RHSA-2021:2328
reference_id	RHSA-2021:2328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2328

reference_url	https://access.redhat.com/errata/RHSA-2021:2354
reference_id	RHSA-2021:2354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2354

reference_url	https://access.redhat.com/errata/RHSA-2021:2364
reference_id	RHSA-2021:2364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2364

reference_url	https://access.redhat.com/errata/RHSA-2021:2365
reference_id	RHSA-2021:2365
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2365

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2020-36328

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9jcb-yrmd-7uen

url VCID-e3uc-36mx-mbfv

vulnerability_id VCID-e3uc-36mx-mbfv

summary libwebp: out-of-bounds read in ChunkVerifyAndAssign() in mux/muxread.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36330.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36330.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36330

reference_id

reference_type

scores

value	0.00164
scoring_system	epss
scoring_elements	0.3738
published_at	2026-04-01T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37545
published_at	2026-04-02T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37568
published_at	2026-04-04T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37396
published_at	2026-04-07T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37448
published_at	2026-04-08T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37461
published_at	2026-04-09T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37474
published_at	2026-04-11T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.3744
published_at	2026-04-12T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37413
published_at	2026-04-13T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.3746
published_at	2026-04-16T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37442
published_at	2026-04-18T12:55:00Z

value	0.00164
scoring_system	epss
scoring_elements	0.37387
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956853
reference_id	1956853
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956853

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-36330
reference_id	CVE-2020-36330
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-36330

reference_url	https://access.redhat.com/errata/RHSA-2021:4231
reference_id	RHSA-2021:4231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4231

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2020-36330

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3uc-36mx-mbfv

url VCID-ecku-fk4j-s3hr

vulnerability_id VCID-ecku-fk4j-s3hr

summary libwebp: out-of-bounds read in ChunkAssignData() in mux/muxinternal.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36331.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36331.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36331

reference_id

reference_type

scores

value	0.00189
scoring_system	epss
scoring_elements	0.40675
published_at	2026-04-01T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40758
published_at	2026-04-02T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40786
published_at	2026-04-04T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.4071
published_at	2026-04-07T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.4076
published_at	2026-04-08T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40768
published_at	2026-04-09T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40787
published_at	2026-04-11T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40752
published_at	2026-04-12T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40734
published_at	2026-04-13T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40778
published_at	2026-04-16T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40748
published_at	2026-04-18T12:55:00Z

value	0.00189
scoring_system	epss
scoring_elements	0.40671
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956856
reference_id	1956856
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956856

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-36331
reference_id	CVE-2020-36331
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-36331

reference_url	https://access.redhat.com/errata/RHSA-2021:4231
reference_id	RHSA-2021:4231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4231

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2020-36331

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ecku-fk4j-s3hr

url VCID-hjha-gt3s-s3e3

vulnerability_id VCID-hjha-gt3s-s3e3

summary libwebp: use of uninitialized value in ReadSymbol()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25014.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25014.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-25014

reference_id

reference_type

scores

value	0.00154
scoring_system	epss
scoring_elements	0.36096
published_at	2026-04-21T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36121
published_at	2026-04-13T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36162
published_at	2026-04-16T12:55:00Z

value	0.00154
scoring_system	epss
scoring_elements	0.36148
published_at	2026-04-18T12:55:00Z

value	0.00578
scoring_system	epss
scoring_elements	0.68805
published_at	2026-04-04T12:55:00Z

value	0.00578
scoring_system	epss
scoring_elements	0.68834
published_at	2026-04-08T12:55:00Z

value	0.00578
scoring_system	epss
scoring_elements	0.68853
published_at	2026-04-09T12:55:00Z

value	0.00578
scoring_system	epss
scoring_elements	0.68876
published_at	2026-04-11T12:55:00Z

value	0.00578
scoring_system	epss
scoring_elements	0.68861
published_at	2026-04-12T12:55:00Z

value	0.00578
scoring_system	epss
scoring_elements	0.68766
published_at	2026-04-01T12:55:00Z

value	0.00578
scoring_system	epss
scoring_elements	0.68783
published_at	2026-04-07T12:55:00Z

value	0.00578
scoring_system	epss
scoring_elements	0.68785
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956927
reference_id	1956927
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956927

reference_url	https://access.redhat.com/errata/RHSA-2021:2328
reference_id	RHSA-2021:2328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2328

reference_url	https://access.redhat.com/errata/RHSA-2021:4231
reference_id	RHSA-2021:4231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4231

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2018-25014

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hjha-gt3s-s3e3

url VCID-k4yg-g6p1-kkbz

vulnerability_id VCID-k4yg-g6p1-kkbz

summary libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36329.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36329.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-36329

reference_id

reference_type

scores

value	0.00503
scoring_system	epss
scoring_elements	0.66029
published_at	2026-04-01T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66071
published_at	2026-04-02T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66099
published_at	2026-04-04T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66066
published_at	2026-04-07T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66115
published_at	2026-04-08T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66127
published_at	2026-04-09T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66147
published_at	2026-04-11T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66134
published_at	2026-04-12T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66104
published_at	2026-04-13T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.6614
published_at	2026-04-16T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66153
published_at	2026-04-18T12:55:00Z

value	0.00503
scoring_system	epss
scoring_elements	0.66141
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956843
reference_id	1956843
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956843

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2020-36329
reference_id	CVE-2020-36329
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2020-36329

reference_url	https://access.redhat.com/errata/RHSA-2021:2260
reference_id	RHSA-2021:2260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2260

reference_url	https://access.redhat.com/errata/RHSA-2021:2328
reference_id	RHSA-2021:2328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2328

reference_url	https://access.redhat.com/errata/RHSA-2021:2354
reference_id	RHSA-2021:2354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2354

reference_url	https://access.redhat.com/errata/RHSA-2021:2364
reference_id	RHSA-2021:2364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2364

reference_url	https://access.redhat.com/errata/RHSA-2021:2365
reference_id	RHSA-2021:2365
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2365

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2020-36329

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k4yg-g6p1-kkbz

url VCID-ms2y-xj5p-4ud9

vulnerability_id VCID-ms2y-xj5p-4ud9

summary libwebp: out-of-bounds read in WebPMuxCreateInternal()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25012.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25012.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-25012

reference_id

reference_type

scores

value	0.00575
scoring_system	epss
scoring_elements	0.68685
published_at	2026-04-01T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68704
published_at	2026-04-02T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68722
published_at	2026-04-04T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.687
published_at	2026-04-07T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68752
published_at	2026-04-08T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68771
published_at	2026-04-09T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68794
published_at	2026-04-11T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68779
published_at	2026-04-12T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.6875
published_at	2026-04-13T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68792
published_at	2026-04-16T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68802
published_at	2026-04-18T12:55:00Z

value	0.00575
scoring_system	epss
scoring_elements	0.68781
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956922
reference_id	1956922
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956922

reference_url	https://access.redhat.com/errata/RHSA-2021:4231
reference_id	RHSA-2021:4231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4231

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2018-25012

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ms2y-xj5p-4ud9

url VCID-t16b-mbs7-wfc1

vulnerability_id VCID-t16b-mbs7-wfc1

summary libwebp: heap-based buffer overflow in PutLE16()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25011.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25011.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-25011

reference_id

reference_type

scores

value	0.00376
scoring_system	epss
scoring_elements	0.59067
published_at	2026-04-01T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.5914
published_at	2026-04-02T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59164
published_at	2026-04-04T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59128
published_at	2026-04-07T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59179
published_at	2026-04-08T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59192
published_at	2026-04-09T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59211
published_at	2026-04-11T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59194
published_at	2026-04-12T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59175
published_at	2026-04-13T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.5921
published_at	2026-04-16T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59215
published_at	2026-04-18T12:55:00Z

value	0.00376
scoring_system	epss
scoring_elements	0.59195
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956919
reference_id	1956919
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956919

reference_url	https://access.redhat.com/errata/RHSA-2021:2260
reference_id	RHSA-2021:2260
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2260

reference_url	https://access.redhat.com/errata/RHSA-2021:2328
reference_id	RHSA-2021:2328
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2328

reference_url	https://access.redhat.com/errata/RHSA-2021:2354
reference_id	RHSA-2021:2354
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2354

reference_url	https://access.redhat.com/errata/RHSA-2021:2364
reference_id	RHSA-2021:2364
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2364

reference_url	https://access.redhat.com/errata/RHSA-2021:2365
reference_id	RHSA-2021:2365
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:2365

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2018-25011

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t16b-mbs7-wfc1

url VCID-wcer-d6dm-w3ch

vulnerability_id VCID-wcer-d6dm-w3ch

summary libwebp: out-of-bounds read in WebPMuxCreateInternal

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25009.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25009.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-25009

reference_id

reference_type

scores

value	0.00447
scoring_system	epss
scoring_elements	0.63413
published_at	2026-04-01T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63472
published_at	2026-04-02T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63499
published_at	2026-04-13T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63464
published_at	2026-04-07T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63516
published_at	2026-04-08T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63533
published_at	2026-04-12T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63549
published_at	2026-04-11T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63535
published_at	2026-04-16T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63543
published_at	2026-04-18T12:55:00Z

value	0.00447
scoring_system	epss
scoring_elements	0.63527
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956917
reference_id	1956917
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956917

reference_url	https://access.redhat.com/errata/RHSA-2021:4231
reference_id	RHSA-2021:4231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4231

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2018-25009

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wcer-d6dm-w3ch

url VCID-yjus-jmfg-tyfv

vulnerability_id VCID-yjus-jmfg-tyfv

summary libwebp: out-of-bounds read in ShiftBytes()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25013.json

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25013.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-25013

reference_id

reference_type

scores

value	0.00139
scoring_system	epss
scoring_elements	0.33737
published_at	2026-04-01T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34074
published_at	2026-04-02T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34105
published_at	2026-04-04T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33964
published_at	2026-04-07T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34006
published_at	2026-04-08T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34037
published_at	2026-04-11T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33994
published_at	2026-04-12T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.3397
published_at	2026-04-13T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.34004
published_at	2026-04-16T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33991
published_at	2026-04-18T12:55:00Z

value	0.00139
scoring_system	epss
scoring_elements	0.33959
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1956926
reference_id	1956926
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1956926

reference_url	https://access.redhat.com/errata/RHSA-2021:4231
reference_id	RHSA-2021:4231
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4231

reference_url	https://usn.ubuntu.com/4971-1/
reference_id	USN-4971-1
reference_type
scores
url	https://usn.ubuntu.com/4971-1/

reference_url	https://usn.ubuntu.com/4971-2/
reference_id	USN-4971-2
reference_type
scores
url	https://usn.ubuntu.com/4971-2/

fixed_packages

url	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
purl	pkg:deb/debian/libwebp@0.6.1-2.1%2Bdeb11u2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%252Bdeb11u2%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
purl	pkg:deb/debian/libwebp@1.2.4-0.2%2Bdeb12u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.2.4-0.2%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
purl	pkg:deb/debian/libwebp@1.5.0-0.1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@1.5.0-0.1%3Fdistro=trixie

aliases CVE-2018-25013

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yjus-jmfg-tyfv

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/libwebp@0.6.1-2.1%3Fdistro=trixie

Package Instance