{"url":"http://public2.vulnerablecode.io/api/packages/101876?format=json","purl":"pkg:deb/debian/libgig@4.3.0~ds1-2?distro=trixie","type":"deb","namespace":"debian","name":"libgig","version":"4.3.0~ds1-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"4.4.1-1","latest_non_vulnerable_version":"4.5.2-2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76187?format=json","vulnerability_id":"VCID-85gz-zcp6-z3e3","summary":"The gig::Region::Region function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12950","reference_id":"","reference_type":"","scores":[{"value":"0.04372","scoring_system":"epss","scoring_elements":"0.89149","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04372","scoring_system":"epss","scoring_elements":"0.89166","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04372","scoring_system":"epss","scoring_elements":"0.89167","published_at":"2026-06-06T12:55:00Z"},{"value":"0.04372","scoring_system":"epss","scoring_elements":"0.89183","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12950"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873718","reference_id":"873718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873718"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42546.txt","reference_id":"CVE-2017-12954;CVE-2017-12953;CVE-2017-12952;CVE-2017-12951;CVE-2017-12950","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/42546.txt"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101877?format=json","purl":"pkg:deb/debian/libgig@4.0.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.0.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101878?format=json","purl":"pkg:deb/debian/libgig@4.2.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.2.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101876?format=json","purl":"pkg:deb/debian/libgig@4.3.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.3.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101880?format=json","purl":"pkg:deb/debian/libgig@4.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101879?format=json","purl":"pkg:deb/debian/libgig@4.5.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.5.2-2%3Fdistro=trixie"}],"aliases":["CVE-2017-12950"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-85gz-zcp6-z3e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76196?format=json","vulnerability_id":"VCID-aenw-7qfd-9yg9","summary":"The gig::Instrument::UpdateRegionKeyTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory write and application crash) via a crafted gig file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12953","reference_id":"","reference_type":"","scores":[{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87131","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87153","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87151","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87146","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87143","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87155","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12953"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12953","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12953"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873718","reference_id":"873718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873718"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101877?format=json","purl":"pkg:deb/debian/libgig@4.0.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.0.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101878?format=json","purl":"pkg:deb/debian/libgig@4.2.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.2.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101876?format=json","purl":"pkg:deb/debian/libgig@4.3.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.3.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101880?format=json","purl":"pkg:deb/debian/libgig@4.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101879?format=json","purl":"pkg:deb/debian/libgig@4.5.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.5.2-2%3Fdistro=trixie"}],"aliases":["CVE-2017-12953"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aenw-7qfd-9yg9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76198?format=json","vulnerability_id":"VCID-de4w-sm5k-4kfd","summary":"The gig::Region::GetSampleFromWavePool function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted gig file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12954","reference_id":"","reference_type":"","scores":[{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87131","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87153","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87151","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87146","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87143","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87155","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12954"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12954","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12954"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877652","reference_id":"877652","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877652"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101881?format=json","purl":"pkg:deb/debian/libgig@4.0.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.0.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101878?format=json","purl":"pkg:deb/debian/libgig@4.2.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.2.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101876?format=json","purl":"pkg:deb/debian/libgig@4.3.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.3.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101880?format=json","purl":"pkg:deb/debian/libgig@4.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101879?format=json","purl":"pkg:deb/debian/libgig@4.5.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.5.2-2%3Fdistro=trixie"}],"aliases":["CVE-2017-12954"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-de4w-sm5k-4kfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76190?format=json","vulnerability_id":"VCID-q9xq-f72v-vqcb","summary":"The gig::DimensionRegion::CreateVelocityTable function in gig.cpp in libgig 4.0.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted gig file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12951","reference_id":"","reference_type":"","scores":[{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87131","published_at":"2026-06-04T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87153","published_at":"2026-06-05T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87151","published_at":"2026-06-06T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87146","published_at":"2026-06-07T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87143","published_at":"2026-06-08T12:55:00Z"},{"value":"0.03146","scoring_system":"epss","scoring_elements":"0.87155","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12951"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12951","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12951"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877651","reference_id":"877651","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877651"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101881?format=json","purl":"pkg:deb/debian/libgig@4.0.0-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.0.0-5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101878?format=json","purl":"pkg:deb/debian/libgig@4.2.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.2.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101876?format=json","purl":"pkg:deb/debian/libgig@4.3.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.3.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101880?format=json","purl":"pkg:deb/debian/libgig@4.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101879?format=json","purl":"pkg:deb/debian/libgig@4.5.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.5.2-2%3Fdistro=trixie"}],"aliases":["CVE-2017-12951"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q9xq-f72v-vqcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76193?format=json","vulnerability_id":"VCID-y6vx-wmn8-7fee","summary":"The LoadString function in helper.h in libgig 4.0.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted gig file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12952","reference_id":"","reference_type":"","scores":[{"value":"0.04733","scoring_system":"epss","scoring_elements":"0.89591","published_at":"2026-06-04T12:55:00Z"},{"value":"0.04733","scoring_system":"epss","scoring_elements":"0.89608","published_at":"2026-06-05T12:55:00Z"},{"value":"0.04733","scoring_system":"epss","scoring_elements":"0.89607","published_at":"2026-06-08T12:55:00Z"},{"value":"0.04733","scoring_system":"epss","scoring_elements":"0.89606","published_at":"2026-06-07T12:55:00Z"},{"value":"0.04733","scoring_system":"epss","scoring_elements":"0.89623","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-12952"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12952","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12952"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873718","reference_id":"873718","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873718"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/101877?format=json","purl":"pkg:deb/debian/libgig@4.0.0-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.0.0-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101878?format=json","purl":"pkg:deb/debian/libgig@4.2.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.2.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101876?format=json","purl":"pkg:deb/debian/libgig@4.3.0~ds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.3.0~ds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101880?format=json","purl":"pkg:deb/debian/libgig@4.4.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.4.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/101879?format=json","purl":"pkg:deb/debian/libgig@4.5.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.5.2-2%3Fdistro=trixie"}],"aliases":["CVE-2017-12952"],"risk_score":null,"exploitability":"2.0","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y6vx-wmn8-7fee"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libgig@4.3.0~ds1-2%3Fdistro=trixie"}