{"url":"http://public2.vulnerablecode.io/api/packages/103401?format=json","purl":"pkg:deb/debian/librecad@2.2.0-1?distro=trixie","type":"deb","namespace":"debian","name":"librecad","version":"2.2.0-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.2.0.2-1","latest_non_vulnerable_version":"2.2.0.2-3","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76949?format=json","vulnerability_id":"VCID-u4pt-fq5g-efg4","summary":"A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30259","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1292","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12923","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12884","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12799","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1283","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-30259"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30259","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30259"},{"reference_url":"https://github.com/LibreCAD/LibreCAD/issues/1481","reference_id":"1481","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:54:39Z/"}],"url":"https://github.com/LibreCAD/LibreCAD/issues/1481"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103405?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103404?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-3%3Fdistro=trixie"}],"aliases":["CVE-2023-30259"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u4pt-fq5g-efg4"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76948?format=json","vulnerability_id":"VCID-4f47-61jw-hfc6","summary":"In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45343","reference_id":"","reference_type":"","scores":[{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53482","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53541","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.5355","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53537","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00298","scoring_system":"epss","scoring_elements":"0.53513","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004518","reference_id":"1004518","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004518"},{"reference_url":"https://security.gentoo.org/glsa/202305-26","reference_id":"GLSA-202305-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-26"},{"reference_url":"https://usn.ubuntu.com/5957-1/","reference_id":"USN-5957-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5957-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103403?format=json","purl":"pkg:deb/debian/librecad@2.1.3-1.3%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-1.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103408?format=json","purl":"pkg:deb/debian/librecad@2.1.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103401?format=json","purl":"pkg:deb/debian/librecad@2.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103405?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103404?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-3%3Fdistro=trixie"}],"aliases":["CVE-2021-45343"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4f47-61jw-hfc6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3347?format=json","vulnerability_id":"VCID-9emk-fjm6-xudr","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21898","reference_id":"","reference_type":"","scores":[{"value":"0.01929","scoring_system":"epss","scoring_elements":"0.83714","published_at":"2026-06-04T12:55:00Z"},{"value":"0.01929","scoring_system":"epss","scoring_elements":"0.83738","published_at":"2026-06-06T12:55:00Z"},{"value":"0.01929","scoring_system":"epss","scoring_elements":"0.83734","published_at":"2026-06-07T12:55:00Z"},{"value":"0.01929","scoring_system":"epss","scoring_elements":"0.83726","published_at":"2026-06-08T12:55:00Z"},{"value":"0.01929","scoring_system":"epss","scoring_elements":"0.83739","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343"},{"reference_url":"https://security.archlinux.org/AVG-2576","reference_id":"AVG-2576","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2576"},{"reference_url":"https://security.gentoo.org/glsa/202305-26","reference_id":"GLSA-202305-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-26"},{"reference_url":"https://usn.ubuntu.com/5957-1/","reference_id":"USN-5957-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5957-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103403?format=json","purl":"pkg:deb/debian/librecad@2.1.3-1.3%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-1.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103407?format=json","purl":"pkg:deb/debian/librecad@2.1.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103401?format=json","purl":"pkg:deb/debian/librecad@2.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103405?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103404?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-3%3Fdistro=trixie"}],"aliases":["CVE-2021-21898"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9emk-fjm6-xudr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76946?format=json","vulnerability_id":"VCID-hfcn-zsbg-pkeu","summary":"A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45341","reference_id":"","reference_type":"","scores":[{"value":"0.06191","scoring_system":"epss","scoring_elements":"0.91013","published_at":"2026-06-04T12:55:00Z"},{"value":"0.06191","scoring_system":"epss","scoring_elements":"0.91026","published_at":"2026-06-06T12:55:00Z"},{"value":"0.06191","scoring_system":"epss","scoring_elements":"0.91022","published_at":"2026-06-07T12:55:00Z"},{"value":"0.06191","scoring_system":"epss","scoring_elements":"0.91019","published_at":"2026-06-08T12:55:00Z"},{"value":"0.06191","scoring_system":"epss","scoring_elements":"0.91035","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004518","reference_id":"1004518","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004518"},{"reference_url":"https://security.gentoo.org/glsa/202305-26","reference_id":"GLSA-202305-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-26"},{"reference_url":"https://usn.ubuntu.com/5957-1/","reference_id":"USN-5957-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5957-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103403?format=json","purl":"pkg:deb/debian/librecad@2.1.3-1.3%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-1.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103408?format=json","purl":"pkg:deb/debian/librecad@2.1.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103401?format=json","purl":"pkg:deb/debian/librecad@2.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103405?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103404?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-3%3Fdistro=trixie"}],"aliases":["CVE-2021-45341"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hfcn-zsbg-pkeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3346?format=json","vulnerability_id":"VCID-tbvu-vp2u-4ych","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21899","reference_id":"","reference_type":"","scores":[{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86464","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86439","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86463","published_at":"2026-06-05T12:55:00Z"},{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.8646","published_at":"2026-06-09T12:55:00Z"},{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86459","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02827","scoring_system":"epss","scoring_elements":"0.86447","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343"},{"reference_url":"https://security.archlinux.org/AVG-2576","reference_id":"AVG-2576","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2576"},{"reference_url":"https://security.gentoo.org/glsa/202305-26","reference_id":"GLSA-202305-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-26"},{"reference_url":"https://usn.ubuntu.com/5957-1/","reference_id":"USN-5957-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5957-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103403?format=json","purl":"pkg:deb/debian/librecad@2.1.3-1.3%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-1.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103407?format=json","purl":"pkg:deb/debian/librecad@2.1.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103401?format=json","purl":"pkg:deb/debian/librecad@2.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103405?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103404?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-3%3Fdistro=trixie"}],"aliases":["CVE-2021-21899"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbvu-vp2u-4ych"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/3345?format=json","vulnerability_id":"VCID-tsga-57n7-tye4","summary":"arbitrary code execution","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21900","reference_id":"","reference_type":"","scores":[{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82194","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82164","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82193","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82204","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.82196","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0162","scoring_system":"epss","scoring_elements":"0.8219","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-21900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343"},{"reference_url":"https://security.archlinux.org/AVG-2576","reference_id":"AVG-2576","reference_type":"","scores":[{"value":"Medium","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2576"},{"reference_url":"https://security.gentoo.org/glsa/202305-26","reference_id":"GLSA-202305-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-26"},{"reference_url":"https://usn.ubuntu.com/5957-1/","reference_id":"USN-5957-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5957-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103403?format=json","purl":"pkg:deb/debian/librecad@2.1.3-1.3%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-1.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103407?format=json","purl":"pkg:deb/debian/librecad@2.1.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103401?format=json","purl":"pkg:deb/debian/librecad@2.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103405?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103404?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-3%3Fdistro=trixie"}],"aliases":["CVE-2021-21900"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tsga-57n7-tye4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76945?format=json","vulnerability_id":"VCID-txpb-45w2-jqa9","summary":"LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19105","reference_id":"","reference_type":"","scores":[{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55161","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.5522","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55227","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55218","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00318","scoring_system":"epss","scoring_elements":"0.55199","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-19105"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19105","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19105"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928477","reference_id":"928477","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928477"},{"reference_url":"https://usn.ubuntu.com/5957-1/","reference_id":"USN-5957-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5957-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103402?format=json","purl":"pkg:deb/debian/librecad@2.1.3-1.2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-1.2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103403?format=json","purl":"pkg:deb/debian/librecad@2.1.3-1.3%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-1.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103401?format=json","purl":"pkg:deb/debian/librecad@2.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103405?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103404?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-3%3Fdistro=trixie"}],"aliases":["CVE-2018-19105"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-txpb-45w2-jqa9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/76947?format=json","vulnerability_id":"VCID-tzr6-pes5-k7gf","summary":"A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45342","reference_id":"","reference_type":"","scores":[{"value":"0.02621","scoring_system":"epss","scoring_elements":"0.85946","published_at":"2026-06-04T12:55:00Z"},{"value":"0.02621","scoring_system":"epss","scoring_elements":"0.85968","published_at":"2026-06-07T12:55:00Z"},{"value":"0.02621","scoring_system":"epss","scoring_elements":"0.85971","published_at":"2026-06-06T12:55:00Z"},{"value":"0.02621","scoring_system":"epss","scoring_elements":"0.85956","published_at":"2026-06-08T12:55:00Z"},{"value":"0.02621","scoring_system":"epss","scoring_elements":"0.8597","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21898"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21899"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21900"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45343"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004518","reference_id":"1004518","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004518"},{"reference_url":"https://security.gentoo.org/glsa/202305-26","reference_id":"GLSA-202305-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-26"},{"reference_url":"https://usn.ubuntu.com/5957-1/","reference_id":"USN-5957-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5957-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/103403?format=json","purl":"pkg:deb/debian/librecad@2.1.3-1.3%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-1.3%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103408?format=json","purl":"pkg:deb/debian/librecad@2.1.3-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.1.3-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103401?format=json","purl":"pkg:deb/debian/librecad@2.2.0-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-u4pt-fq5g-efg4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103405?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/103404?format=json","purl":"pkg:deb/debian/librecad@2.2.0.2-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0.2-3%3Fdistro=trixie"}],"aliases":["CVE-2021-45342"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tzr6-pes5-k7gf"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/librecad@2.2.0-1%3Fdistro=trixie"}