Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/933744?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/933744?format=api", "purl": "pkg:deb/debian/openjpeg2@2.3.1-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "openjpeg2", "version": "2.3.1-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "2.4.0-1", "latest_non_vulnerable_version": "2.5.4-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82455?format=api", "vulnerability_id": "VCID-1z5a-aa47-dyft", "summary": "openjpeg: out-of-bounds read in functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and pi_next_cprl in openmj2/pi.c leads to denial of service", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20846.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20846.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20846", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63784", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63924", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63914", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63926", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63845", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63872", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.6388", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63897", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.6391", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63896", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63863", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63898", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63908", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00456", "scoring_system": "epss", "scoring_elements": "0.63899", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20846" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20846", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20846" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728513", "reference_id": "1728513", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728513" }, { "reference_url": "https://security.archlinux.org/AVG-1390", "reference_id": "AVG-1390", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1390" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933744?format=api", "purl": "pkg:deb/debian/openjpeg2@2.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933734?format=api", "purl": "pkg:deb/debian/openjpeg2@2.4.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.4.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933732?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933736?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933735?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.4-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20846" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1z5a-aa47-dyft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82453?format=api", "vulnerability_id": "VCID-ecez-3pwt-pudf", "summary": "openjpeg: division-by-zero in functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20845.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20845.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20845", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69659", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69671", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69687", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69714", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69731", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69752", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69737", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69724", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69764", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69773", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69754", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69805", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69813", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00609", "scoring_system": "epss", "scoring_elements": "0.69818", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20845" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20845", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20845" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728505", "reference_id": "1728505", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728505" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4251", "reference_id": "RHSA-2021:4251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4251" }, { "reference_url": "https://usn.ubuntu.com/USN-4782-1/", "reference_id": "USN-USN-4782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4782-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933744?format=api", "purl": "pkg:deb/debian/openjpeg2@2.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933734?format=api", "purl": "pkg:deb/debian/openjpeg2@2.4.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.4.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933732?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933736?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933735?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.4-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20845" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecez-3pwt-pudf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83735?format=api", "vulnerability_id": "VCID-hxax-t3zc-8kax", "summary": "openjpeg: integer overflow in opj_t1_encode_cblks in src/lib/openjp2/t1.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5727.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-5727.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72503", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.7251", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72527", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72542", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72554", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72578", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72561", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72551", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72594", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72603", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72636", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72645", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72642", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-5727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5727" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536552", "reference_id": "1536552", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1536552" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888532", "reference_id": "888532", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888532" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4251", "reference_id": "RHSA-2021:4251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4251" }, { "reference_url": "https://usn.ubuntu.com/4686-1/", "reference_id": "USN-4686-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4686-1/" }, { "reference_url": "https://usn.ubuntu.com/USN-4782-1/", "reference_id": "USN-USN-4782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4782-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933744?format=api", "purl": "pkg:deb/debian/openjpeg2@2.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933734?format=api", "purl": "pkg:deb/debian/openjpeg2@2.4.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.4.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933732?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933736?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933735?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.4-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-5727" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hxax-t3zc-8kax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/82454?format=api", "vulnerability_id": "VCID-xvjg-5z4m-pqdv", "summary": "openjpeg: integer overflow in function opj_get_encoding_parameters in openjp2/pi.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20847.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20847.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72639", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72558", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72548", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.7259", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.726", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72591", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72633", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72642", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00724", "scoring_system": "epss", "scoring_elements": "0.72575", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72795", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72792", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72847", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-20847" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20847" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728509", "reference_id": "1728509", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1728509" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931294", "reference_id": "931294", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931294" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:4251", "reference_id": "RHSA-2021:4251", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:4251" }, { "reference_url": "https://usn.ubuntu.com/4497-1/", "reference_id": "USN-4497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4497-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933744?format=api", "purl": "pkg:deb/debian/openjpeg2@2.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933734?format=api", "purl": "pkg:deb/debian/openjpeg2@2.4.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.4.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933732?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933736?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933735?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.4-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-20847" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xvjg-5z4m-pqdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40224?format=api", "vulnerability_id": "VCID-yb58-a8p7-v7dw", "summary": "Multiple vulnerabilities have been found in OpenJPEG, the worst of\n which could result in the arbitrary execution of code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21010.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21010.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74768", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74893", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74846", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74882", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74889", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74771", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74798", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74772", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74805", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74819", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74843", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74822", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74812", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74848", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00846", "scoring_system": "epss", "scoring_elements": "0.74855", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-21010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21010" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/uclouvain/openjpeg/commit/2e5ab1d9987831c981ff05862e8ccf1381ed58ea", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/uclouvain/openjpeg/commit/2e5ab1d9987831c981ff05862e8ccf1381ed58ea" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00009.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2019/10/msg00009.html" }, { "reference_url": "https://www.oracle.com//security-alerts/cpujul2021.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.oracle.com//security-alerts/cpujul2021.html" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755769", "reference_id": "1755769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1755769" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939553", "reference_id": "939553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=939553" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:uclouvain:openjpeg:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21010", "reference_id": "CVE-2018-21010", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-21010" }, { "reference_url": "https://security.gentoo.org/glsa/202101-29", "reference_id": "GLSA-202101-29", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202101-29" }, { "reference_url": "https://usn.ubuntu.com/4497-1/", "reference_id": "USN-4497-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4497-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933744?format=api", "purl": "pkg:deb/debian/openjpeg2@2.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933734?format=api", "purl": "pkg:deb/debian/openjpeg2@2.4.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.4.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933732?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933736?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933735?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.4-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-21010" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yb58-a8p7-v7dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/93803?format=api", "vulnerability_id": "VCID-z1a1-p95p-sya2", "summary": "An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0. The output prefix was not checked for length, which could overflow a buffer, when providing a prefix with 50 or more characters on the command line.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7648", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68265", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68284", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68305", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68281", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68332", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68349", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68375", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68362", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68329", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68369", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68382", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68361", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68408", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68413", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00562", "scoring_system": "epss", "scoring_elements": "0.68417", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-7648" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7648", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7648" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933744?format=api", "purl": "pkg:deb/debian/openjpeg2@2.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933734?format=api", "purl": "pkg:deb/debian/openjpeg2@2.4.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.4.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933732?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933736?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933735?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.4-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-7648" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z1a1-p95p-sya2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/83180?format=api", "vulnerability_id": "VCID-zz9f-brcy-ekdy", "summary": "openjpeg: Heap-based buffer overflow in pnmtoimage function in bin/jpwl/convert.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16375.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16375.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16375", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61488", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61611", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61625", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61646", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61781", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61745", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61787", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61792", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.61775", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00417", "scoring_system": "epss", "scoring_elements": "0.6177", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16375" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16375", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16375" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626088", "reference_id": "1626088", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1626088" }, { "reference_url": "https://usn.ubuntu.com/USN-4782-1/", "reference_id": "USN-USN-4782-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4782-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/933744?format=api", "purl": "pkg:deb/debian/openjpeg2@2.3.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.3.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933734?format=api", "purl": "pkg:deb/debian/openjpeg2@2.4.0-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.4.0-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933732?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.0-2%2Bdeb12u2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.0-2%252Bdeb12u2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933736?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.3-2.1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/933735?format=api", "purl": "pkg:deb/debian/openjpeg2@2.5.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.5.4-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16375" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zz9f-brcy-ekdy" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/openjpeg2@2.3.1-1%3Fdistro=trixie" }