Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/tiff@4.0.6-1?distro=trixie

Type deb

Namespace debian

Name tiff

Version 4.0.6-1

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 4.0.6-2

Latest_non_vulnerable_version 4.7.1-2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1dhy-s5x3-fuf7

vulnerability_id VCID-1dhy-s5x3-fuf7

summary

Multiple vulnerabilities in libTIFF could result in execution of
    arbitrary code or Denial of Service.

references

reference_url	http://bugzilla.maptools.org/show_bug.cgi?id=2209
reference_id
reference_type
scores
url	http://bugzilla.maptools.org/show_bug.cgi?id=2209

reference_url	http://marc.info/?l=oss-security&m=127731610612908&w=2
reference_id
reference_type
scores
url	http://marc.info/?l=oss-security&m=127731610612908&w=2

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2596.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2596.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-2596

reference_id

reference_type

scores

value	0.00999
scoring_system	epss
scoring_elements	0.77066
published_at	2026-04-29T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.77046
published_at	2026-04-24T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.77053
published_at	2026-04-26T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76913
published_at	2026-04-01T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76919
published_at	2026-04-02T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76949
published_at	2026-04-04T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76931
published_at	2026-04-07T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76963
published_at	2026-04-08T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76974
published_at	2026-04-09T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.77002
published_at	2026-04-11T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76981
published_at	2026-04-12T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.76976
published_at	2026-04-13T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.77017
published_at	2026-04-16T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.77019
published_at	2026-04-18T12:55:00Z

value	0.00999
scoring_system	epss
scoring_elements	0.77011
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-2596

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=583081
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=583081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2596
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2596

reference_url	http://secunia.com/advisories/40422
reference_id
reference_type
scores
url	http://secunia.com/advisories/40422

reference_url	http://secunia.com/advisories/50726
reference_id
reference_type
scores
url	http://secunia.com/advisories/50726

reference_url	http://security.gentoo.org/glsa/glsa-201209-02.xml
reference_id
reference_type
scores
url	http://security.gentoo.org/glsa/glsa-201209-02.xml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=610759
reference_id	610759
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=610759

reference_url	https://security.archlinux.org/ASA-201611-26
reference_id	ASA-201611-26
reference_type
scores
url	https://security.archlinux.org/ASA-201611-26

reference_url	https://security.archlinux.org/ASA-201611-27
reference_id	ASA-201611-27
reference_type
scores
url	https://security.archlinux.org/ASA-201611-27

reference_url

https://security.archlinux.org/AVG-85

reference_id

AVG-85

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-85

reference_url

https://security.archlinux.org/AVG-86

reference_id

AVG-86

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-86

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.9.0:::::::*
reference_id	cpe:2.3:a:libtiff:libtiff:3.9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.9.2:::::::*
reference_id	cpe:2.3:a:libtiff:libtiff:3.9.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:3.9.2:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-2596

reference_id

CVE-2010-2596

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-2596

reference_url	https://security.gentoo.org/glsa/201209-02
reference_id	GLSA-201209-02
reference_type
scores
url	https://security.gentoo.org/glsa/201209-02

reference_url	https://access.redhat.com/errata/RHSA-2014:0222
reference_id	RHSA-2014:0222
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:0222

fixed_packages

url	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
purl	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hfc-b4qr-jqgk

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-h9ap-xxmw-j7dr

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-vrtj-45t6-cqec

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-b4hb-cxzy-suck

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-vju4-pghv-47bx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.1-1?distro=trixie

purl pkg:deb/debian/tiff@4.7.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ttb7-w41r-4kfn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

aliases CVE-2010-2596

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1dhy-s5x3-fuf7

url VCID-81ew-t25a-f7gq

vulnerability_id VCID-81ew-t25a-f7gq

summary

Multiple vulnerabilities have been found in libTIFF, the worst of
    which may allow execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1546.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1546.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1547.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1547.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8683.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8683.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8683

reference_id

reference_type

scores

value	0.00207
scoring_system	epss
scoring_elements	0.43074
published_at	2026-04-01T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.42972
published_at	2026-04-29T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43196
published_at	2026-04-16T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43186
published_at	2026-04-18T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43118
published_at	2026-04-21T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43053
published_at	2026-04-24T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43055
published_at	2026-04-26T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43132
published_at	2026-04-02T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43159
published_at	2026-04-04T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43098
published_at	2026-04-07T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43151
published_at	2026-04-12T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43163
published_at	2026-04-09T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43184
published_at	2026-04-11T12:55:00Z

value	0.00207
scoring_system	epss
scoring_elements	0.43136
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3467
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3467

reference_url	http://www.openwall.com/lists/oss-security/2015/12/25/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/12/25/1

reference_url	http://www.openwall.com/lists/oss-security/2015/12/26/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/12/26/1

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/79718
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/79718

reference_url	http://www.securitytracker.com/id/1035508
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035508

reference_url	http://www.ubuntu.com/usn/USN-2939-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2939-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1294427
reference_id	1294427
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1294427

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809021
reference_id	809021
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809021

reference_url	https://security.archlinux.org/ASA-201611-26
reference_id	ASA-201611-26
reference_type
scores
url	https://security.archlinux.org/ASA-201611-26

reference_url	https://security.archlinux.org/ASA-201611-27
reference_id	ASA-201611-27
reference_type
scores
url	https://security.archlinux.org/ASA-201611-27

reference_url

https://security.archlinux.org/AVG-85

reference_id

AVG-85

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-85

reference_url

https://security.archlinux.org/AVG-86

reference_id

AVG-86

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-86

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:::::::*
reference_id	cpe:2.3:a:libtiff:libtiff:4.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8683

reference_id

CVE-2015-8683

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8683

reference_url	https://security.gentoo.org/glsa/201701-16
reference_id	GLSA-201701-16
reference_type
scores
url	https://security.gentoo.org/glsa/201701-16

reference_url	https://access.redhat.com/errata/RHSA-2016:1546
reference_id	RHSA-2016:1546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1546

reference_url	https://access.redhat.com/errata/RHSA-2016:1547
reference_id	RHSA-2016:1547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1547

reference_url	https://usn.ubuntu.com/2939-1/
reference_id	USN-2939-1
reference_type
scores
url	https://usn.ubuntu.com/2939-1/

fixed_packages

url	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
purl	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hfc-b4qr-jqgk

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-h9ap-xxmw-j7dr

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-vrtj-45t6-cqec

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-b4hb-cxzy-suck

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-vju4-pghv-47bx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.1-1?distro=trixie

purl pkg:deb/debian/tiff@4.7.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ttb7-w41r-4kfn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

aliases CVE-2015-8683

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81ew-t25a-f7gq

url VCID-8f48-6u7s-xyht

vulnerability_id VCID-8f48-6u7s-xyht

summary

Multiple vulnerabilities have been found in libTIFF, the worst of
    which may allow execution of arbitrary code.

references

reference_url	http://bugzilla.maptools.org/show_bug.cgi?id=2508
reference_id
reference_type
scores
url	http://bugzilla.maptools.org/show_bug.cgi?id=2508

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1546.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1546.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1547.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1547.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8784.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8784.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8784

reference_id

reference_type

scores

value	0.01522
scoring_system	epss
scoring_elements	0.81194
published_at	2026-04-01T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81329
published_at	2026-04-29T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81295
published_at	2026-04-21T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81317
published_at	2026-04-24T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81324
published_at	2026-04-26T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81203
published_at	2026-04-02T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81226
published_at	2026-04-07T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81254
published_at	2026-04-08T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81259
published_at	2026-04-09T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81279
published_at	2026-04-11T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81265
published_at	2026-04-12T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81258
published_at	2026-04-13T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81294
published_at	2026-04-16T12:55:00Z

value	0.01522
scoring_system	epss
scoring_elements	0.81296
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8784

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c
reference_id
reference_type
scores
url	https://github.com/vadz/libtiff/commit/b18012dae552f85dcc5c57d3bf4e997a15b1cc1c

reference_url	http://www.debian.org/security/2016/dsa-3467
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3467

reference_url	http://www.openwall.com/lists/oss-security/2016/01/24/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/24/4

reference_url	http://www.openwall.com/lists/oss-security/2016/01/24/8
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/24/8

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/81696
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81696

reference_url	http://www.ubuntu.com/usn/USN-2939-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2939-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301652
reference_id	1301652
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301652

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff::::::::
reference_id	cpe:2.3:a:libtiff:libtiff::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8784

reference_id

CVE-2015-8784

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8784

reference_url	https://security.gentoo.org/glsa/201701-16
reference_id	GLSA-201701-16
reference_type
scores
url	https://security.gentoo.org/glsa/201701-16

reference_url	https://access.redhat.com/errata/RHSA-2016:1546
reference_id	RHSA-2016:1546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1546

reference_url	https://access.redhat.com/errata/RHSA-2016:1547
reference_id	RHSA-2016:1547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1547

reference_url	https://usn.ubuntu.com/2939-1/
reference_id	USN-2939-1
reference_type
scores
url	https://usn.ubuntu.com/2939-1/

fixed_packages

url	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
purl	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hfc-b4qr-jqgk

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-h9ap-xxmw-j7dr

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-vrtj-45t6-cqec

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-b4hb-cxzy-suck

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-vju4-pghv-47bx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.1-1?distro=trixie

purl pkg:deb/debian/tiff@4.7.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ttb7-w41r-4kfn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

aliases CVE-2015-8784

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8f48-6u7s-xyht

url VCID-8kgw-n4zx-uqa8

vulnerability_id VCID-8kgw-n4zx-uqa8

summary

Multiple vulnerabilities have been found in libTIFF, the worst of
    which may allow execution of arbitrary code.

references

reference_url	http://bugzilla.maptools.org/show_bug.cgi?id=2522
reference_id
reference_type
scores
url	http://bugzilla.maptools.org/show_bug.cgi?id=2522

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1546.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1546.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1547.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1547.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8783.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8783.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8783

reference_id

reference_type

scores

value	0.00655
scoring_system	epss
scoring_elements	0.70931
published_at	2026-04-01T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.71079
published_at	2026-04-29T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.71036
published_at	2026-04-18T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.7107
published_at	2026-04-24T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.70942
published_at	2026-04-02T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.70959
published_at	2026-04-04T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.70934
published_at	2026-04-07T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.70976
published_at	2026-04-08T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.70992
published_at	2026-04-09T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.71015
published_at	2026-04-21T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.70999
published_at	2026-04-12T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.70982
published_at	2026-04-13T12:55:00Z

value	0.00655
scoring_system	epss
scoring_elements	0.71029
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784

reference_url	http://www.debian.org/security/2016/dsa-3467
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3467

reference_url	http://www.openwall.com/lists/oss-security/2016/01/24/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/24/3

reference_url	http://www.openwall.com/lists/oss-security/2016/01/24/7
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/24/7

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/81730
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81730

reference_url	http://www.ubuntu.com/usn/USN-2939-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2939-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301649
reference_id	1301649
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301649

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff::::::::
reference_id	cpe:2.3:a:libtiff:libtiff::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8783

reference_id

CVE-2015-8783

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8783

reference_url	https://security.gentoo.org/glsa/201701-16
reference_id	GLSA-201701-16
reference_type
scores
url	https://security.gentoo.org/glsa/201701-16

reference_url	https://access.redhat.com/errata/RHSA-2016:1546
reference_id	RHSA-2016:1546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1546

reference_url	https://access.redhat.com/errata/RHSA-2016:1547
reference_id	RHSA-2016:1547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1547

reference_url	https://usn.ubuntu.com/2939-1/
reference_id	USN-2939-1
reference_type
scores
url	https://usn.ubuntu.com/2939-1/

fixed_packages

url	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
purl	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hfc-b4qr-jqgk

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-h9ap-xxmw-j7dr

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-vrtj-45t6-cqec

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-b4hb-cxzy-suck

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-vju4-pghv-47bx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.1-1?distro=trixie

purl pkg:deb/debian/tiff@4.7.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ttb7-w41r-4kfn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

aliases CVE-2015-8783

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8kgw-n4zx-uqa8

url VCID-gp1w-v49g-j3aw

vulnerability_id VCID-gp1w-v49g-j3aw

summary

Multiple vulnerabilities have been found in libTIFF, the worst of
    which may allow execution of arbitrary code.

references

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1546.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1546.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1547.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1547.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8665.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8665.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8665

reference_id

reference_type

scores

value	0.00208
scoring_system	epss
scoring_elements	0.43179
published_at	2026-04-01T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43078
published_at	2026-04-29T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43298
published_at	2026-04-16T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43287
published_at	2026-04-18T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43223
published_at	2026-04-21T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43157
published_at	2026-04-24T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43158
published_at	2026-04-26T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43235
published_at	2026-04-02T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43264
published_at	2026-04-04T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43201
published_at	2026-04-07T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43253
published_at	2026-04-12T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43265
published_at	2026-04-09T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43286
published_at	2026-04-11T12:55:00Z

value	0.00208
scoring_system	epss
scoring_elements	0.43238
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3467
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3467

reference_url	http://www.openwall.com/lists/oss-security/2015/12/24/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/12/24/2

reference_url	http://www.openwall.com/lists/oss-security/2015/12/24/4
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2015/12/24/4

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/79728
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/79728

reference_url	http://www.securitytracker.com/id/1035508
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1035508

reference_url	http://www.ubuntu.com/usn/USN-2939-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2939-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1294444
reference_id	1294444
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1294444

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968
reference_id	808968
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808968

reference_url	https://security.archlinux.org/ASA-201611-26
reference_id	ASA-201611-26
reference_type
scores
url	https://security.archlinux.org/ASA-201611-26

reference_url	https://security.archlinux.org/ASA-201611-27
reference_id	ASA-201611-27
reference_type
scores
url	https://security.archlinux.org/ASA-201611-27

reference_url

https://security.archlinux.org/AVG-85

reference_id

AVG-85

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-85

reference_url

https://security.archlinux.org/AVG-86

reference_id

AVG-86

reference_type

scores

value	Critical
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-86

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:::::::*
reference_id	cpe:2.3:a:libtiff:libtiff:4.0.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff:4.0.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8665

reference_id

CVE-2015-8665

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8665

reference_url	https://security.gentoo.org/glsa/201701-16
reference_id	GLSA-201701-16
reference_type
scores
url	https://security.gentoo.org/glsa/201701-16

reference_url	https://access.redhat.com/errata/RHSA-2016:1546
reference_id	RHSA-2016:1546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1546

reference_url	https://access.redhat.com/errata/RHSA-2016:1547
reference_id	RHSA-2016:1547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1547

reference_url	https://usn.ubuntu.com/2939-1/
reference_id	USN-2939-1
reference_type
scores
url	https://usn.ubuntu.com/2939-1/

fixed_packages

url	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
purl	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hfc-b4qr-jqgk

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-h9ap-xxmw-j7dr

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-vrtj-45t6-cqec

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-b4hb-cxzy-suck

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-vju4-pghv-47bx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.1-1?distro=trixie

purl pkg:deb/debian/tiff@4.7.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ttb7-w41r-4kfn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

aliases CVE-2015-8665

risk_score 4.5

exploitability 0.5

weighted_severity 9.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gp1w-v49g-j3aw

url VCID-mb38-6e5v-fbah

vulnerability_id VCID-mb38-6e5v-fbah

summary

Multiple vulnerabilities have been found in libTIFF, the worst of
    which may allow execution of arbitrary code.

references

reference_url	http://bugzilla.maptools.org/show_bug.cgi?id=2522#c0
reference_id
reference_type
scores
url	http://bugzilla.maptools.org/show_bug.cgi?id=2522#c0

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1546.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1546.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1547.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1547.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8781.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8781.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8781

reference_id

reference_type

scores

value	0.02089
scoring_system	epss
scoring_elements	0.83955
published_at	2026-04-01T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84086
published_at	2026-04-29T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.8405
published_at	2026-04-21T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84076
published_at	2026-04-24T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84082
published_at	2026-04-26T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.8397
published_at	2026-04-02T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.83985
published_at	2026-04-04T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.83989
published_at	2026-04-07T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84012
published_at	2026-04-08T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84018
published_at	2026-04-09T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84035
published_at	2026-04-11T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84029
published_at	2026-04-12T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84024
published_at	2026-04-13T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84047
published_at	2026-04-16T12:55:00Z

value	0.02089
scoring_system	epss
scoring_elements	0.84049
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	http://www.debian.org/security/2016/dsa-3467
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3467

reference_url	http://www.openwall.com/lists/oss-security/2016/01/24/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/24/3

reference_url	http://www.openwall.com/lists/oss-security/2016/01/24/7
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/24/7

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/81730
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81730

reference_url	http://www.ubuntu.com/usn/USN-2939-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2939-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301649
reference_id	1301649
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301649

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff::::::::
reference_id	cpe:2.3:a:libtiff:libtiff::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8781

reference_id

CVE-2015-8781

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8781

reference_url	https://security.gentoo.org/glsa/201701-16
reference_id	GLSA-201701-16
reference_type
scores
url	https://security.gentoo.org/glsa/201701-16

reference_url	https://access.redhat.com/errata/RHSA-2016:1546
reference_id	RHSA-2016:1546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1546

reference_url	https://access.redhat.com/errata/RHSA-2016:1547
reference_id	RHSA-2016:1547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1547

reference_url	https://usn.ubuntu.com/2939-1/
reference_id	USN-2939-1
reference_type
scores
url	https://usn.ubuntu.com/2939-1/

fixed_packages

url	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
purl	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hfc-b4qr-jqgk

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-h9ap-xxmw-j7dr

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-vrtj-45t6-cqec

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-b4hb-cxzy-suck

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-vju4-pghv-47bx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.1-1?distro=trixie

purl pkg:deb/debian/tiff@4.7.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ttb7-w41r-4kfn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

aliases CVE-2015-8781

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mb38-6e5v-fbah

url VCID-n614-w2nh-rqbe

vulnerability_id VCID-n614-w2nh-rqbe

summary

Multiple vulnerabilities have been found in libTIFF, the worst of
    which may allow execution of arbitrary code.

references

reference_url	http://bugzilla.maptools.org/show_bug.cgi?id=2522
reference_id
reference_type
scores
url	http://bugzilla.maptools.org/show_bug.cgi?id=2522

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00058.html

reference_url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2016-02/msg00064.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1546.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1546.html

reference_url	http://rhn.redhat.com/errata/RHSA-2016-1547.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2016-1547.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8782.json

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8782.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2015-8782

reference_id

reference_type

scores

value	0.01557
scoring_system	epss
scoring_elements	0.8139
published_at	2026-04-01T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.8153
published_at	2026-04-29T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81518
published_at	2026-04-24T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81526
published_at	2026-04-26T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81399
published_at	2026-04-02T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81422
published_at	2026-04-04T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81421
published_at	2026-04-07T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81449
published_at	2026-04-08T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81454
published_at	2026-04-09T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81476
published_at	2026-04-11T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81463
published_at	2026-04-12T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81457
published_at	2026-04-13T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81494
published_at	2026-04-16T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81495
published_at	2026-04-18T12:55:00Z

value	0.01557
scoring_system	epss
scoring_elements	0.81496
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2015-8782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8665

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8683

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8781

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8782

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8783

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8784

reference_url	http://www.debian.org/security/2016/dsa-3467
reference_id
reference_type
scores
url	http://www.debian.org/security/2016/dsa-3467

reference_url	http://www.openwall.com/lists/oss-security/2016/01/24/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/24/3

reference_url	http://www.openwall.com/lists/oss-security/2016/01/24/7
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2016/01/24/7

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html

reference_url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html

reference_url	http://www.securityfocus.com/bid/81730
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/81730

reference_url	http://www.ubuntu.com/usn/USN-2939-1
reference_id
reference_type
scores
url	http://www.ubuntu.com/usn/USN-2939-1

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1301649
reference_id	1301649
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1301649

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff::::::::
reference_id	cpe:2.3:a:libtiff:libtiff::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libtiff:libtiff::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2015-8782

reference_id

CVE-2015-8782

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2015-8782

reference_url	https://security.gentoo.org/glsa/201701-16
reference_id	GLSA-201701-16
reference_type
scores
url	https://security.gentoo.org/glsa/201701-16

reference_url	https://access.redhat.com/errata/RHSA-2016:1546
reference_id	RHSA-2016:1546
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1546

reference_url	https://access.redhat.com/errata/RHSA-2016:1547
reference_id	RHSA-2016:1547
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1547

reference_url	https://usn.ubuntu.com/2939-1/
reference_id	USN-2939-1
reference_type
scores
url	https://usn.ubuntu.com/2939-1/

fixed_packages

url	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
purl	pkg:deb/debian/tiff@4.0.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

purl pkg:deb/debian/tiff@4.2.0-1%2Bdeb11u5?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1hfc-b4qr-jqgk

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-h9ap-xxmw-j7dr

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-vrtj-45t6-cqec

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.2.0-1%252Bdeb11u5%3Fdistro=trixie

url pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

purl pkg:deb/debian/tiff@4.5.0-6%2Bdeb12u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-38sj-85gt-sfhe

vulnerability	VCID-4mhv-7vrm-v7hv

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-a8jf-xmj8-cuh6

vulnerability	VCID-b4hb-cxzy-suck

vulnerability	VCID-d8kh-h6vs-gqd4

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-ndc5-qn5u-3qbq

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-rp7t-x7gz-9udg

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-ukgj-45m7-6uba

vulnerability	VCID-vju4-pghv-47bx

vulnerability	VCID-yfxw-tmnn-byc6

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.5.0-6%252Bdeb12u3%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

purl pkg:deb/debian/tiff@4.7.0-3%2Bdeb13u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-7zdy-fxq2-p7gf

vulnerability	VCID-9grz-pkwb-3kc5

vulnerability	VCID-dg96-zmw1-8kcp

vulnerability	VCID-r186-xqyn-ffey

vulnerability	VCID-sqxq-hg7v-d7gv

vulnerability	VCID-ttb7-w41r-4kfn

vulnerability	VCID-vju4-pghv-47bx

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.0-3%252Bdeb13u1%3Fdistro=trixie

url pkg:deb/debian/tiff@4.7.1-1?distro=trixie

purl pkg:deb/debian/tiff@4.7.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ttb7-w41r-4kfn

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-1%3Fdistro=trixie

url	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
purl	pkg:deb/debian/tiff@4.7.1-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.7.1-2%3Fdistro=trixie

aliases CVE-2015-8782

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n614-w2nh-rqbe

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/tiff@4.0.6-1%3Fdistro=trixie

Package Instance