{"url":"http://public2.vulnerablecode.io/api/packages/1037645?format=json","purl":"pkg:deb/debian/texlive-bin@2007.dfsg.2-4%2Blenny3","type":"deb","namespace":"debian","name":"texlive-bin","version":"2007.dfsg.2-4+lenny3","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2026.20260303.78225+ds-4","latest_non_vulnerable_version":"2026.20260303.78225+ds-4","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48369?format=json","vulnerability_id":"VCID-1upn-29dc-zfcc","summary":"Multiple vulnerabilities were found in texlive-core, allowing\n    attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0827.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0827.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0827","reference_id":"","reference_type":"","scores":[{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89254","published_at":"2026-05-16T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89094","published_at":"2026-04-01T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89102","published_at":"2026-04-02T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89116","published_at":"2026-04-04T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89119","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89137","published_at":"2026-04-08T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89142","published_at":"2026-04-09T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89149","published_at":"2026-04-12T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89159","published_at":"2026-04-18T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89156","published_at":"2026-04-21T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89173","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89178","published_at":"2026-04-26T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89191","published_at":"2026-05-05T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89207","published_at":"2026-05-07T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89218","published_at":"2026-05-09T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89215","published_at":"2026-05-11T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89225","published_at":"2026-05-12T12:55:00Z"},{"value":"0.04513","scoring_system":"epss","scoring_elements":"0.89244","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0827"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0827","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0827"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201206-28.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201206-28.xml"},{"reference_url":"http://security-tracker.debian.org/tracker/CVE-2010-0827","reference_id":"","reference_type":"","scores":[],"url":"http://security-tracker.debian.org/tracker/CVE-2010-0827"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10052","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10052"},{"reference_url":"http://www.securityfocus.com/bid/39971","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/39971"},{"reference_url":"http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?r1=18009&r2=18095","reference_id":"","reference_type":"","scores":[],"url":"http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?r1=18009&r2=18095"},{"reference_url":"http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?view=log","reference_id":"","reference_type":"","scores":[],"url":"http://www.tug.org/svn/texlive/trunk/Build/source/texk/dvipsk/ChangeLog?view=log"},{"reference_url":"http://www.ubuntu.com/usn/USN-937-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-937-1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=572914","reference_id":"572914","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=572914"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580669","reference_id":"580669","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580669"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0827","reference_id":"CVE-2010-0827","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0827"},{"reference_url":"https://security.gentoo.org/glsa/201206-28","reference_id":"GLSA-201206-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0401","reference_id":"RHSA-2010:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0401"},{"reference_url":"https://usn.ubuntu.com/937-1/","reference_id":"USN-937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037646?format=json","purl":"pkg:deb/debian/texlive-bin@2009-8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ggs-vja8-r3de"},{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-ka9w-ss8w-sqhb"},{"vulnerability":"VCID-mxh6-rpb3-tbbq"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2009-8"}],"aliases":["CVE-2010-0827"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1upn-29dc-zfcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7052?format=json","vulnerability_id":"VCID-3ggs-vja8-r3de","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nBuffer overflow in the png_read_IDAT_data function in pngrutil.c in libpng allows context-dependent attackers to execute arbitrary code via IDAT data with a large width, a different vulnerability than CVE-2014-9495.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0973.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0973.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0973","reference_id":"","reference_type":"","scores":[{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83617","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.8363","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83677","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83694","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83687","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83683","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83718","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83719","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83744","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83752","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83758","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83781","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83802","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83819","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83834","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83869","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.8388","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83883","published_at":"2026-05-16T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83644","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.83646","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02006","scoring_system":"epss","scoring_elements":"0.8367","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-0973"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0973"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/01/10/1","reference_id":"1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/01/10/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1177327","reference_id":"1177327","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1177327"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/01/10/3","reference_id":"3","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/01/10/3"},{"reference_url":"http://sourceforge.net/p/png-mng/mailman/message/33173461/","reference_id":"33173461","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/"}],"url":"http://sourceforge.net/p/png-mng/mailman/message/33173461/"},{"reference_url":"http://secunia.com/advisories/62725","reference_id":"62725","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/"}],"url":"http://secunia.com/advisories/62725"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773823","reference_id":"773823","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773823"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775673","reference_id":"775673","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775673"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0973","reference_id":"CVE-2015-0973","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2015-0973"},{"reference_url":"http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt","reference_id":"libpng_heap_overflow_1.6.15.txt","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/"}],"url":"http://tfpwn.com/files/libpng_heap_overflow_1.6.15.txt"},{"reference_url":"https://security.netapp.com/advisory/ntap-20240719-0005/","reference_id":"ntap-20240719-0005","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:25:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20240719-0005/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037648?format=json","purl":"pkg:deb/debian/texlive-bin@2014.20140926.35254-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2014.20140926.35254-6"}],"aliases":["CVE-2015-0973"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3ggs-vja8-r3de"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59405?format=json","vulnerability_id":"VCID-3gpv-93qp-bfhn","summary":"A vulnerability in Kpathsea allows remote attackers to execute\n    arbitrary commands by manipulating the -tex option from mpost program.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10243.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-10243.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10243","reference_id":"","reference_type":"","scores":[{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92969","published_at":"2026-04-01T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92998","published_at":"2026-04-13T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92999","published_at":"2026-04-11T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92997","published_at":"2026-04-12T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.93008","published_at":"2026-04-16T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.9301","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.93017","published_at":"2026-04-21T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.93023","published_at":"2026-04-26T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.93018","published_at":"2026-04-29T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.93022","published_at":"2026-05-05T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.93039","published_at":"2026-05-07T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92978","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92982","published_at":"2026-04-04T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92981","published_at":"2026-04-07T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92989","published_at":"2026-04-08T12:55:00Z"},{"value":"0.09885","scoring_system":"epss","scoring_elements":"0.92994","published_at":"2026-04-09T12:55:00Z"},{"value":"0.1059","scoring_system":"epss","scoring_elements":"0.93343","published_at":"2026-05-12T12:55:00Z"},{"value":"0.1059","scoring_system":"epss","scoring_elements":"0.93358","published_at":"2026-05-16T12:55:00Z"},{"value":"0.1059","scoring_system":"epss","scoring_elements":"0.93364","published_at":"2026-05-15T12:55:00Z"},{"value":"0.1059","scoring_system":"epss","scoring_elements":"0.93335","published_at":"2026-05-09T12:55:00Z"},{"value":"0.1059","scoring_system":"epss","scoring_elements":"0.93336","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-10243"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10243","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10243"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:P/I:P/A:P"},{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7CNJ4HKX7X6V7VMN3UCU7KPY6IX4XRB/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/B7CNJ4HKX7X6V7VMN3UCU7KPY6IX4XRB/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL6PUKPWEXYIPIAZRIX5ZLQWCSALVLFP/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VL6PUKPWEXYIPIAZRIX5ZLQWCSALVLFP/"},{"reference_url":"https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/","reference_id":"","reference_type":"","scores":[],"url":"https://scumjr.github.io/2016/11/28/pwning-coworkers-thanks-to-latex/"},{"reference_url":"https://www.tug.org/svn/texlive?view=revision&revision=42605","reference_id":"","reference_type":"","scores":[],"url":"https://www.tug.org/svn/texlive?view=revision&revision=42605"},{"reference_url":"http://www.debian.org/security/2017/dsa-3803","reference_id":"","reference_type":"","scores":[],"url":"http://www.debian.org/security/2017/dsa-3803"},{"reference_url":"http://www.openwall.com/lists/oss-security/2017/03/05/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2017/03/05/1"},{"reference_url":"http://www.securityfocus.com/bid/96593","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/96593"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429452","reference_id":"1429452","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1429452"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:25:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:26:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10243","reference_id":"CVE-2016-10243","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-10243"},{"reference_url":"https://security.gentoo.org/glsa/201709-07","reference_id":"GLSA-201709-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201709-07"},{"reference_url":"https://usn.ubuntu.com/3401-1/","reference_id":"USN-3401-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3401-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1053587?format=json","purl":"pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-bqqh-5311-w7ca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1"}],"aliases":["CVE-2016-10243"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3gpv-93qp-bfhn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95537?format=json","vulnerability_id":"VCID-47dt-fhqh-pkag","summary":"LuaTeX before 1.17.0 allows a document (compiled with the default settings) to make arbitrary network requests. This occurs because full access to the socket library is permitted by default, as stated in the documentation. This also affects TeX Live before 2023 r66984 and MiKTeX before 23.5.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32668","reference_id":"","reference_type":"","scores":[{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17252","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17341","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17329","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00055","scoring_system":"epss","scoring_elements":"0.17335","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17924","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17833","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17811","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17776","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1763","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17722","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17825","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17786","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18164","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17864","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17951","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18011","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18028","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17983","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18111","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17876","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17887","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32668"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32668","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32668"},{"reference_url":"https://tug.org/pipermail/tex-live/2023-May/049188.html","reference_id":"049188.html","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/"}],"url":"https://tug.org/pipermail/tex-live/2023-May/049188.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036470","reference_id":"1036470","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1036470"},{"reference_url":"https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0","reference_id":"1.17.0","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/"}],"url":"https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0"},{"reference_url":"https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/blob/b266ef076c96b382cd23a4c93204e247bb98626a/source/texk/web2c/luatexdir/ChangeLog#L1-L3","reference_id":"ChangeLog#L1-L3","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/"}],"url":"https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/blob/b266ef076c96b382cd23a4c93204e247bb98626a/source/texk/web2c/luatexdir/ChangeLog#L1-L3"},{"reference_url":"https://tug.org/~mseven/luatex.html#luasocket","reference_id":"luatex.html#luasocket","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-27T16:40:54Z/"}],"url":"https://tug.org/~mseven/luatex.html#luasocket"},{"reference_url":"https://usn.ubuntu.com/6695-1/","reference_id":"USN-6695-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6695-1/"},{"reference_url":"https://usn.ubuntu.com/7985-1/","reference_id":"USN-7985-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7985-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994443?format=json","purl":"pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-15kj-emtf-vbag"},{"vulnerability":"VCID-22hs-pt9p-fbdn"},{"vulnerability":"VCID-24vd-syhs-gbhc"},{"vulnerability":"VCID-261q-t1h8-bufj"},{"vulnerability":"VCID-2pzz-h5vd-wyah"},{"vulnerability":"VCID-2unr-76q5-y7aw"},{"vulnerability":"VCID-3a9d-3kme-73d2"},{"vulnerability":"VCID-3v18-r2f3-1qdv"},{"vulnerability":"VCID-4cy9-447q-mbf3"},{"vulnerability":"VCID-4f2u-sskp-zkhu"},{"vulnerability":"VCID-4ses-k1k7-9ycz"},{"vulnerability":"VCID-4z3j-9yy6-u3eb"},{"vulnerability":"VCID-5p9e-n6p5-mudd"},{"vulnerability":"VCID-6fwt-gfj6-j7av"},{"vulnerability":"VCID-72m2-st3u-uyfm"},{"vulnerability":"VCID-76vf-yebs-mkg8"},{"vulnerability":"VCID-7x9j-31fq-hkg2"},{"vulnerability":"VCID-86bc-apbh-sbbn"},{"vulnerability":"VCID-88vn-jepe-33c1"},{"vulnerability":"VCID-8qwb-455y-bbcp"},{"vulnerability":"VCID-8xnh-5jb4-uygz"},{"vulnerability":"VCID-911d-pbx5-4qge"},{"vulnerability":"VCID-97ds-z5dk-6kbu"},{"vulnerability":"VCID-9e9z-hm4a-37ab"},{"vulnerability":"VCID-9mn1-e4dm-nfhd"},{"vulnerability":"VCID-a6an-r3tj-93ge"},{"vulnerability":"VCID-ast7-b75m-7uh3"},{"vulnerability":"VCID-bdbb-4kgq-y7ad"},{"vulnerability":"VCID-bdke-da3n-37hw"},{"vulnerability":"VCID-bw8n-jvsd-bqe9"},{"vulnerability":"VCID-d4tp-mmgz-6udh"},{"vulnerability":"VCID-dcjs-7eyq-a7gn"},{"vulnerability":"VCID-e8ev-axf6-dbc3"},{"vulnerability":"VCID-ecbh-vzp4-x7dr"},{"vulnerability":"VCID-eeet-mw7y-rudx"},{"vulnerability":"VCID-euy5-4h8q-hyb3"},{"vulnerability":"VCID-fbkh-5sb9-auc5"},{"vulnerability":"VCID-fkft-abbt-6ydx"},{"vulnerability":"VCID-fymb-bvn2-p7ej"},{"vulnerability":"VCID-fz4x-mcwe-aqgf"},{"vulnerability":"VCID-gh4u-68x5-27db"},{"vulnerability":"VCID-gsk7-273v-qfdz"},{"vulnerability":"VCID-h73f-kd2u-5yg3"},{"vulnerability":"VCID-hd3g-vc2p-4fhf"},{"vulnerability":"VCID-hqv6-gney-2fgw"},{"vulnerability":"VCID-hx8f-h823-kkhr"},{"vulnerability":"VCID-jahu-d9d6-jbbt"},{"vulnerability":"VCID-jxh3-k3es-bqah"},{"vulnerability":"VCID-k5ue-ga1d-q7gv"},{"vulnerability":"VCID-knp7-hye9-a3gv"},{"vulnerability":"VCID-m7rd-mh53-bycu"},{"vulnerability":"VCID-mm9w-wmdz-qye4"},{"vulnerability":"VCID-msch-wzj9-h7ga"},{"vulnerability":"VCID-n68j-881x-3uhp"},{"vulnerability":"VCID-nckm-umvv-3qcn"},{"vulnerability":"VCID-nk95-xdjm-vyfq"},{"vulnerability":"VCID-nucx-up6e-ayb8"},{"vulnerability":"VCID-nvrx-x1qs-vkdb"},{"vulnerability":"VCID-p973-cuza-tuhp"},{"vulnerability":"VCID-q4qv-tq4j-3uh2"},{"vulnerability":"VCID-qdek-hd55-hbe2"},{"vulnerability":"VCID-qjxs-qf6j-zycc"},{"vulnerability":"VCID-rrqw-zrh2-33dn"},{"vulnerability":"VCID-rype-ss6b-aude"},{"vulnerability":"VCID-su1a-e49q-pffw"},{"vulnerability":"VCID-t8bs-vvts-47ag"},{"vulnerability":"VCID-tqm6-8w98-q3dr"},{"vulnerability":"VCID-tz15-rmx4-pkdq"},{"vulnerability":"VCID-u9ur-b18b-gfhr"},{"vulnerability":"VCID-utve-4z7c-tkhk"},{"vulnerability":"VCID-v7pb-brn7-v7ah"},{"vulnerability":"VCID-v9pk-ecc9-yqbm"},{"vulnerability":"VCID-vfty-pe45-pya4"},{"vulnerability":"VCID-vk2y-ftzh-sqgh"},{"vulnerability":"VCID-whjt-pvqp-jycr"},{"vulnerability":"VCID-whmq-gsw4-sbgg"},{"vulnerability":"VCID-wngf-qn2d-ykef"},{"vulnerability":"VCID-ws93-jgn7-83c8"},{"vulnerability":"VCID-xfy6-snb8-63av"},{"vulnerability":"VCID-xrgb-9dwh-mubm"},{"vulnerability":"VCID-xxn1-2trx-myhs"},{"vulnerability":"VCID-xzdx-45tg-w7ft"},{"vulnerability":"VCID-y2pg-cgqs-s3gb"},{"vulnerability":"VCID-y4qh-ek9n-cyc1"},{"vulnerability":"VCID-ys96-uhkv-2qgv"},{"vulnerability":"VCID-zbsq-dfju-mkf5"},{"vulnerability":"VCID-zqjn-srqb-kfcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2"}],"aliases":["CVE-2023-32668"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-47dt-fhqh-pkag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48368?format=json","vulnerability_id":"VCID-4r5u-9w2z-rkgh","summary":"Multiple vulnerabilities were found in texlive-core, allowing\n    attackers to execute arbitrary code.","references":[{"reference_url":"http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-stable.git%3Ba=blob%3Bf=source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch","reference_id":"","reference_type":"","scores":[],"url":"http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-stable.git%3Ba=blob%3Bf=source/xapps-extra/tetex/texlive-CVE-2010-0739-int-overflow.patch"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0739.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-0739.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0739","reference_id":"","reference_type":"","scores":[{"value":"0.077","scoring_system":"epss","scoring_elements":"0.9199","published_at":"2026-05-16T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91877","published_at":"2026-04-01T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91885","published_at":"2026-04-02T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91893","published_at":"2026-04-04T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.919","published_at":"2026-04-07T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91912","published_at":"2026-04-08T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91918","published_at":"2026-04-09T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91921","published_at":"2026-04-11T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.9192","published_at":"2026-04-12T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91917","published_at":"2026-04-13T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91933","published_at":"2026-04-18T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.9193","published_at":"2026-04-21T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91935","published_at":"2026-04-24T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91934","published_at":"2026-04-26T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91929","published_at":"2026-04-29T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91941","published_at":"2026-05-05T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91955","published_at":"2026-05-07T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91965","published_at":"2026-05-09T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91964","published_at":"2026-05-11T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91971","published_at":"2026-05-12T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91987","published_at":"2026-05-14T12:55:00Z"},{"value":"0.077","scoring_system":"epss","scoring_elements":"0.91996","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-0739"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0739"},{"reference_url":"http://secunia.com/advisories/39390","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/39390"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201206-28.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201206-28.xml"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11468","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11468"},{"reference_url":"http://www.securityfocus.com/bid/39500","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/39500"},{"reference_url":"http://www.ubuntu.com/usn/USN-937-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-937-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560668","reference_id":"560668","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560668"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=572941","reference_id":"572941","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=572941"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0739","reference_id":"CVE-2010-0739","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-0739"},{"reference_url":"https://security.gentoo.org/glsa/201206-28","reference_id":"GLSA-201206-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0401","reference_id":"RHSA-2010:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0401"},{"reference_url":"https://usn.ubuntu.com/937-1/","reference_id":"USN-937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037646?format=json","purl":"pkg:deb/debian/texlive-bin@2009-8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ggs-vja8-r3de"},{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-ka9w-ss8w-sqhb"},{"vulnerability":"VCID-mxh6-rpb3-tbbq"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2009-8"}],"aliases":["CVE-2010-0739"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4r5u-9w2z-rkgh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/78403?format=json","vulnerability_id":"VCID-9kvx-465q-fkam","summary":"texlive: arbitrary code execution allows document complied with older version","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32700.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-32700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32700","reference_id":"","reference_type":"","scores":[{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48147","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48125","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48106","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48117","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48062","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.47982","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48047","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.4807","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48016","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48045","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.4812","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00249","scoring_system":"epss","scoring_elements":"0.48139","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.62214","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.62264","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.62309","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.62316","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.62244","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.6221","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.6226","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.62277","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.62296","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00426","scoring_system":"epss","scoring_elements":"0.62286","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-32700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32700"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://tug.org/pipermail/tex-live/2023-May/049188.html","reference_id":"049188.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/"}],"url":"https://tug.org/pipermail/tex-live/2023-May/049188.html"},{"reference_url":"https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0","reference_id":"1.17.0","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/"}],"url":"https://gitlab.lisn.upsaclay.fr/texlive/luatex/-/tags/1.17.0"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2208943","reference_id":"2208943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2208943"},{"reference_url":"https://github.com/TeX-Live/texlive-source/releases/tag/build-svn66984","reference_id":"build-svn66984","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/"}],"url":"https://github.com/TeX-Live/texlive-source/releases/tag/build-svn66984"},{"reference_url":"https://tug.org/~mseven/luatex.html","reference_id":"luatex.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/"}],"url":"https://tug.org/~mseven/luatex.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3661","reference_id":"RHSA-2023:3661","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3661"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H/","reference_id":"RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLY43MIRONJSJVNBDFQHQ26MP3JIOB3H/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5/","reference_id":"TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track*","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-01-21T18:11:48Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF6YXUUFRGBIXIIIEV5SGBJXXT2SMUK5/"},{"reference_url":"https://usn.ubuntu.com/6115-1/","reference_id":"USN-6115-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6115-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1053587?format=json","purl":"pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-bqqh-5311-w7ca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1"}],"aliases":["CVE-2023-32700"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9kvx-465q-fkam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/95988?format=json","vulnerability_id":"VCID-bqqh-5311-w7ca","summary":"texlive-bin commit c515e was discovered to contain heap buffer overflow via the function ttfLoadHDMX:ttfdump. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted TTF file.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25262","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34509","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34506","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34521","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34484","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34578","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34605","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34473","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34516","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34545","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34548","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.5559","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55557","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55471","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55528","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55487","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55514","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00325","scoring_system":"epss","scoring_elements":"0.55574","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56178","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56132","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56181","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00334","scoring_system":"epss","scoring_elements":"0.56202","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-25262"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25262","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-25262"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064517","reference_id":"1064517","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1064517"},{"reference_url":"https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912","reference_id":"2047912","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T18:34:50Z/"}],"url":"https://bugs.launchpad.net/ubuntu/+source/texlive-bin/+bug/2047912"},{"reference_url":"https://tug.org/svn/texlive/trunk/Build/source/texk/ttfdump/ChangeLog?revision=69605&view=co","reference_id":"ChangeLog?revision=69605&view=co","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-04T18:34:50Z/"}],"url":"https://tug.org/svn/texlive/trunk/Build/source/texk/ttfdump/ChangeLog?revision=69605&view=co"},{"reference_url":"https://usn.ubuntu.com/6695-1/","reference_id":"USN-6695-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6695-1/"},{"reference_url":"https://usn.ubuntu.com/7985-1/","reference_id":"USN-7985-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7985-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994443?format=json","purl":"pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%2Bdeb12u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-15kj-emtf-vbag"},{"vulnerability":"VCID-22hs-pt9p-fbdn"},{"vulnerability":"VCID-24vd-syhs-gbhc"},{"vulnerability":"VCID-261q-t1h8-bufj"},{"vulnerability":"VCID-2pzz-h5vd-wyah"},{"vulnerability":"VCID-2unr-76q5-y7aw"},{"vulnerability":"VCID-3a9d-3kme-73d2"},{"vulnerability":"VCID-3v18-r2f3-1qdv"},{"vulnerability":"VCID-4cy9-447q-mbf3"},{"vulnerability":"VCID-4f2u-sskp-zkhu"},{"vulnerability":"VCID-4ses-k1k7-9ycz"},{"vulnerability":"VCID-4z3j-9yy6-u3eb"},{"vulnerability":"VCID-5p9e-n6p5-mudd"},{"vulnerability":"VCID-6fwt-gfj6-j7av"},{"vulnerability":"VCID-72m2-st3u-uyfm"},{"vulnerability":"VCID-76vf-yebs-mkg8"},{"vulnerability":"VCID-7x9j-31fq-hkg2"},{"vulnerability":"VCID-86bc-apbh-sbbn"},{"vulnerability":"VCID-88vn-jepe-33c1"},{"vulnerability":"VCID-8qwb-455y-bbcp"},{"vulnerability":"VCID-8xnh-5jb4-uygz"},{"vulnerability":"VCID-911d-pbx5-4qge"},{"vulnerability":"VCID-97ds-z5dk-6kbu"},{"vulnerability":"VCID-9e9z-hm4a-37ab"},{"vulnerability":"VCID-9mn1-e4dm-nfhd"},{"vulnerability":"VCID-a6an-r3tj-93ge"},{"vulnerability":"VCID-ast7-b75m-7uh3"},{"vulnerability":"VCID-bdbb-4kgq-y7ad"},{"vulnerability":"VCID-bdke-da3n-37hw"},{"vulnerability":"VCID-bw8n-jvsd-bqe9"},{"vulnerability":"VCID-d4tp-mmgz-6udh"},{"vulnerability":"VCID-dcjs-7eyq-a7gn"},{"vulnerability":"VCID-e8ev-axf6-dbc3"},{"vulnerability":"VCID-ecbh-vzp4-x7dr"},{"vulnerability":"VCID-eeet-mw7y-rudx"},{"vulnerability":"VCID-euy5-4h8q-hyb3"},{"vulnerability":"VCID-fbkh-5sb9-auc5"},{"vulnerability":"VCID-fkft-abbt-6ydx"},{"vulnerability":"VCID-fymb-bvn2-p7ej"},{"vulnerability":"VCID-fz4x-mcwe-aqgf"},{"vulnerability":"VCID-gh4u-68x5-27db"},{"vulnerability":"VCID-gsk7-273v-qfdz"},{"vulnerability":"VCID-h73f-kd2u-5yg3"},{"vulnerability":"VCID-hd3g-vc2p-4fhf"},{"vulnerability":"VCID-hqv6-gney-2fgw"},{"vulnerability":"VCID-hx8f-h823-kkhr"},{"vulnerability":"VCID-jahu-d9d6-jbbt"},{"vulnerability":"VCID-jxh3-k3es-bqah"},{"vulnerability":"VCID-k5ue-ga1d-q7gv"},{"vulnerability":"VCID-knp7-hye9-a3gv"},{"vulnerability":"VCID-m7rd-mh53-bycu"},{"vulnerability":"VCID-mm9w-wmdz-qye4"},{"vulnerability":"VCID-msch-wzj9-h7ga"},{"vulnerability":"VCID-n68j-881x-3uhp"},{"vulnerability":"VCID-nckm-umvv-3qcn"},{"vulnerability":"VCID-nk95-xdjm-vyfq"},{"vulnerability":"VCID-nucx-up6e-ayb8"},{"vulnerability":"VCID-nvrx-x1qs-vkdb"},{"vulnerability":"VCID-p973-cuza-tuhp"},{"vulnerability":"VCID-q4qv-tq4j-3uh2"},{"vulnerability":"VCID-qdek-hd55-hbe2"},{"vulnerability":"VCID-qjxs-qf6j-zycc"},{"vulnerability":"VCID-rrqw-zrh2-33dn"},{"vulnerability":"VCID-rype-ss6b-aude"},{"vulnerability":"VCID-su1a-e49q-pffw"},{"vulnerability":"VCID-t8bs-vvts-47ag"},{"vulnerability":"VCID-tqm6-8w98-q3dr"},{"vulnerability":"VCID-tz15-rmx4-pkdq"},{"vulnerability":"VCID-u9ur-b18b-gfhr"},{"vulnerability":"VCID-utve-4z7c-tkhk"},{"vulnerability":"VCID-v7pb-brn7-v7ah"},{"vulnerability":"VCID-v9pk-ecc9-yqbm"},{"vulnerability":"VCID-vfty-pe45-pya4"},{"vulnerability":"VCID-vk2y-ftzh-sqgh"},{"vulnerability":"VCID-whjt-pvqp-jycr"},{"vulnerability":"VCID-whmq-gsw4-sbgg"},{"vulnerability":"VCID-wngf-qn2d-ykef"},{"vulnerability":"VCID-ws93-jgn7-83c8"},{"vulnerability":"VCID-xfy6-snb8-63av"},{"vulnerability":"VCID-xrgb-9dwh-mubm"},{"vulnerability":"VCID-xxn1-2trx-myhs"},{"vulnerability":"VCID-xzdx-45tg-w7ft"},{"vulnerability":"VCID-y2pg-cgqs-s3gb"},{"vulnerability":"VCID-y4qh-ek9n-cyc1"},{"vulnerability":"VCID-ys96-uhkv-2qgv"},{"vulnerability":"VCID-zbsq-dfju-mkf5"},{"vulnerability":"VCID-zqjn-srqb-kfcg"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2022.20220321.62855-5.1%252Bdeb12u2"}],"aliases":["CVE-2024-25262"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bqqh-5311-w7ca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48370?format=json","vulnerability_id":"VCID-ec4g-satx-pqg2","summary":"Multiple vulnerabilities were found in texlive-core, allowing\n    attackers to execute arbitrary code.","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041573.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-05/msg00002.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1440.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-1440.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1440","reference_id":"","reference_type":"","scores":[{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86393","published_at":"2026-05-16T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86169","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86179","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86192","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86193","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86212","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86223","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86238","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86235","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86231","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86248","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86254","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86246","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86267","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86276","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86295","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86316","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86336","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86333","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86346","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86383","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02852","scoring_system":"epss","scoring_elements":"0.86392","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-1440"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1440"},{"reference_url":"http://security.gentoo.org/glsa/glsa-201206-28.xml","reference_id":"","reference_type":"","scores":[],"url":"http://security.gentoo.org/glsa/glsa-201206-28.xml"},{"reference_url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10068","reference_id":"","reference_type":"","scores":[],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10068"},{"reference_url":"http://www.ubuntu.com/usn/USN-937-1","reference_id":"","reference_type":"","scores":[],"url":"http://www.ubuntu.com/usn/USN-937-1"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580668","reference_id":"580668","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580668"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=586819","reference_id":"586819","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=586819"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tetex:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1996:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1998:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:1999:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2000:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2001:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2002:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2003:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2004:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2005:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2007:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:tug:tex_live:2008:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1440","reference_id":"CVE-2010-1440","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2010-1440"},{"reference_url":"https://security.gentoo.org/glsa/201206-28","reference_id":"GLSA-201206-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-28"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0400","reference_id":"RHSA-2010:0400","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0400"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0401","reference_id":"RHSA-2010:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0401"},{"reference_url":"https://usn.ubuntu.com/937-1/","reference_id":"USN-937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037646?format=json","purl":"pkg:deb/debian/texlive-bin@2009-8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ggs-vja8-r3de"},{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-ka9w-ss8w-sqhb"},{"vulnerability":"VCID-mxh6-rpb3-tbbq"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2009-8"}],"aliases":["CVE-2010-1440"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ec4g-satx-pqg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85954?format=json","vulnerability_id":"VCID-ka9w-ss8w-sqhb","summary":"texlive: insecure use of /tmp in mktexlsr","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5700.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5700.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5700","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14551","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14367","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14396","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14371","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14316","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14178","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14328","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14421","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14413","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14456","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1454","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14546","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25704","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25746","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25515","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25588","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25635","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25646","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25604","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25547","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25552","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25537","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25633","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5700"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5700","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5700"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1181167","reference_id":"1181167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1181167"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775139","reference_id":"775139","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775139"},{"reference_url":"https://usn.ubuntu.com/3788-1/","reference_id":"USN-3788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3788-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037648?format=json","purl":"pkg:deb/debian/texlive-bin@2014.20140926.35254-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2014.20140926.35254-6"}],"aliases":["CVE-2015-5700"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka9w-ss8w-sqhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/7047?format=json","vulnerability_id":"VCID-mxh6-rpb3-tbbq","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nHeap-based buffer overflow in the png_combine_row function in libpng, when running on systems, might allow context-dependent attackers to execute arbitrary code via a \"very wide interlaced\" PNG image.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9495.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9495.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9495","reference_id":"","reference_type":"","scores":[{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87715","published_at":"2026-05-16T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87713","published_at":"2026-05-15T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87705","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87672","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87659","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87663","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87644","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87628","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87615","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87617","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.8761","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87592","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87594","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87593","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87579","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87582","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87586","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87575","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87524","published_at":"2026-04-01T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87568","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87549","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87547","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03487","scoring_system":"epss","scoring_elements":"0.87534","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-9495"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9495"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/01/10/1","reference_id":"1","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/01/10/1"},{"reference_url":"http://www.securitytracker.com/id/1031444","reference_id":"1031444","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/"}],"url":"http://www.securitytracker.com/id/1031444"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179186","reference_id":"1179186","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1179186"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/01/04/3","reference_id":"3","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/01/04/3"},{"reference_url":"http://www.openwall.com/lists/oss-security/2015/01/10/3","reference_id":"3","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/"}],"url":"http://www.openwall.com/lists/oss-security/2015/01/10/3"},{"reference_url":"http://sourceforge.net/p/png-mng/mailman/message/33172831/","reference_id":"33172831","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/"}],"url":"http://sourceforge.net/p/png-mng/mailman/message/33172831/"},{"reference_url":"http://sourceforge.net/p/png-mng/mailman/message/33173461/","reference_id":"33173461","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/"}],"url":"http://sourceforge.net/p/png-mng/mailman/message/33173461/"},{"reference_url":"http://secunia.com/advisories/62725","reference_id":"62725","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/"}],"url":"http://secunia.com/advisories/62725"},{"reference_url":"http://www.securityfocus.com/bid/71820","reference_id":"71820","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-09T15:14:59Z/"}],"url":"http://www.securityfocus.com/bid/71820"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773823","reference_id":"773823","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773823"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773824","reference_id":"773824","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773824"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9495","reference_id":"CVE-2014-9495","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-9495"},{"reference_url":"https://security.gentoo.org/glsa/201502-10","reference_id":"GLSA-201502-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201502-10"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037648?format=json","purl":"pkg:deb/debian/texlive-bin@2014.20140926.35254-6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2014.20140926.35254-6"}],"aliases":["CVE-2014-9495"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mxh6-rpb3-tbbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48367?format=json","vulnerability_id":"VCID-qd9y-35s4-9kcp","summary":"Multiple vulnerabilities were found in texlive-core, allowing\n    attackers to execute arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1284.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-1284.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1284","reference_id":"","reference_type":"","scores":[{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94732","published_at":"2026-04-01T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94741","published_at":"2026-04-02T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94745","published_at":"2026-04-04T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94746","published_at":"2026-04-07T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94756","published_at":"2026-04-08T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.9476","published_at":"2026-04-09T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94763","published_at":"2026-04-11T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94768","published_at":"2026-04-13T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94775","published_at":"2026-04-16T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94779","published_at":"2026-04-18T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94781","published_at":"2026-04-21T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94782","published_at":"2026-04-24T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94783","published_at":"2026-04-26T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94785","published_at":"2026-04-29T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94793","published_at":"2026-05-05T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94801","published_at":"2026-05-07T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.9481","published_at":"2026-05-09T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94816","published_at":"2026-05-11T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94821","published_at":"2026-05-12T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94832","published_at":"2026-05-14T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94835","published_at":"2026-05-15T12:55:00Z"},{"value":"0.15978","scoring_system":"epss","scoring_elements":"0.94837","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-1284"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1284","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1284"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=492136","reference_id":"492136","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=492136"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920","reference_id":"520920","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520920"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10203.txt","reference_id":"CVE-2009-1284;OSVDB-53562","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/dos/10203.txt"},{"reference_url":"https://security.gentoo.org/glsa/201206-28","reference_id":"GLSA-201206-28","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201206-28"},{"reference_url":"https://usn.ubuntu.com/937-1/","reference_id":"USN-937-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/937-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037646?format=json","purl":"pkg:deb/debian/texlive-bin@2009-8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3ggs-vja8-r3de"},{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-ka9w-ss8w-sqhb"},{"vulnerability":"VCID-mxh6-rpb3-tbbq"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2009-8"}],"aliases":["CVE-2009-1284"],"risk_score":0.2,"exploitability":"2.0","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qd9y-35s4-9kcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94089?format=json","vulnerability_id":"VCID-tju2-c87e-5kcx","summary":"In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distributed in TeXLive and other collections, sprintf is mishandled.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18604","reference_id":"","reference_type":"","scores":[{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41698","published_at":"2026-05-16T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41673","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41851","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41916","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41944","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41871","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41922","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41933","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41957","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41921","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41908","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41958","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.4193","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41859","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41797","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41789","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41708","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41567","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41637","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41653","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41562","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41589","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00198","scoring_system":"epss","scoring_elements":"0.41665","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-18604"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18604","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18604"},{"reference_url":"https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191a"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00033.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00033.html"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axodraw2_project:axodraw2:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:axohelp.c_project:axohelp.c:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18604","reference_id":"CVE-2019-18604","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-18604"},{"reference_url":"https://usn.ubuntu.com/6695-1/","reference_id":"USN-6695-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6695-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1053587?format=json","purl":"pkg:deb/debian/texlive-bin@2020.20200327.54578-7%2Bdeb11u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-bqqh-5311-w7ca"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2020.20200327.54578-7%252Bdeb11u1"}],"aliases":["CVE-2019-18604"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tju2-c87e-5kcx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/74711?format=json","vulnerability_id":"VCID-z8b6-9u9h-gkcp","summary":"security update","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17407.json","reference_id":"","reference_type":"","scores":[{"value":"7.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-17407.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17407","reference_id":"","reference_type":"","scores":[{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.8009","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80335","published_at":"2026-05-16T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80329","published_at":"2026-05-14T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80332","published_at":"2026-05-15T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80098","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80118","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80105","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80134","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80141","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.8016","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80144","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80136","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80166","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80169","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80198","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80208","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80223","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80236","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80259","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80275","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.8027","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01357","scoring_system":"epss","scoring_elements":"0.80287","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-17407"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17407","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17407"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1632802","reference_id":"1632802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1632802"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909317","reference_id":"909317","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909317"},{"reference_url":"https://security.archlinux.org/ASA-201812-4","reference_id":"ASA-201812-4","reference_type":"","scores":[],"url":"https://security.archlinux.org/ASA-201812-4"},{"reference_url":"https://security.archlinux.org/AVG-770","reference_id":"AVG-770","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-770"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:1036","reference_id":"RHSA-2020:1036","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:1036"},{"reference_url":"https://usn.ubuntu.com/3788-1/","reference_id":"USN-3788-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3788-1/"},{"reference_url":"https://usn.ubuntu.com/3788-2/","reference_id":"USN-3788-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3788-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037649?format=json","purl":"pkg:deb/debian/texlive-bin@2016.20160513.41080.dfsg-2%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2016.20160513.41080.dfsg-2%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1053586?format=json","purl":"pkg:deb/debian/texlive-bin@2018.20181218.49446-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-tju2-c87e-5kcx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2018.20181218.49446-1"}],"aliases":["CVE-2018-17407"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-z8b6-9u9h-gkcp"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49037?format=json","vulnerability_id":"VCID-4gwj-gm2f-uugx","summary":"Multiple vulnerabilities have been discovered in teTeX, possibly allowing\n    to execute arbitrary code or overwrite arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5936.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5936.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5936","reference_id":"","reference_type":"","scores":[{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2669","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26735","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26777","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26561","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26629","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2668","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26684","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2664","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26581","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26588","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26522","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26464","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26457","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26399","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26266","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26335","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26391","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.2632","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26336","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26418","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26442","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00096","scoring_system":"epss","scoring_elements":"0.26435","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5936"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5936","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5936"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=368611","reference_id":"368611","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=368611"},{"reference_url":"https://security.gentoo.org/glsa/200711-26","reference_id":"GLSA-200711-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-26"},{"reference_url":"https://usn.ubuntu.com/554-1/","reference_id":"USN-554-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/554-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037645?format=json","purl":"pkg:deb/debian/texlive-bin@2007.dfsg.2-4%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1upn-29dc-zfcc"},{"vulnerability":"VCID-3ggs-vja8-r3de"},{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-4r5u-9w2z-rkgh"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-ec4g-satx-pqg2"},{"vulnerability":"VCID-ka9w-ss8w-sqhb"},{"vulnerability":"VCID-mxh6-rpb3-tbbq"},{"vulnerability":"VCID-qd9y-35s4-9kcp"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2007.dfsg.2-4%252Blenny3"}],"aliases":["CVE-2007-5936"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4gwj-gm2f-uugx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49038?format=json","vulnerability_id":"VCID-4j8e-6t21-3ke9","summary":"Multiple vulnerabilities have been discovered in teTeX, possibly allowing\n    to execute arbitrary code or overwrite arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5937.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5937.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5937","reference_id":"","reference_type":"","scores":[{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.8403","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84044","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84061","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84062","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84085","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84092","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.8411","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84103","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84099","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.8412","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84123","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84125","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.8415","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84156","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84161","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84181","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84206","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84222","published_at":"2026-05-09T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84221","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84238","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.8427","published_at":"2026-05-14T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.8428","published_at":"2026-05-15T12:55:00Z"},{"value":"0.02107","scoring_system":"epss","scoring_elements":"0.84284","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5937"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5937","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5937"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=368641","reference_id":"368641","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=368641"},{"reference_url":"https://security.gentoo.org/glsa/200711-26","reference_id":"GLSA-200711-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-26"},{"reference_url":"https://usn.ubuntu.com/554-1/","reference_id":"USN-554-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/554-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037645?format=json","purl":"pkg:deb/debian/texlive-bin@2007.dfsg.2-4%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1upn-29dc-zfcc"},{"vulnerability":"VCID-3ggs-vja8-r3de"},{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-4r5u-9w2z-rkgh"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-ec4g-satx-pqg2"},{"vulnerability":"VCID-ka9w-ss8w-sqhb"},{"vulnerability":"VCID-mxh6-rpb3-tbbq"},{"vulnerability":"VCID-qd9y-35s4-9kcp"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2007.dfsg.2-4%252Blenny3"}],"aliases":["CVE-2007-5937"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4j8e-6t21-3ke9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49036?format=json","vulnerability_id":"VCID-8qud-4v19-tyh4","summary":"Multiple vulnerabilities have been discovered in teTeX, possibly allowing\n    to execute arbitrary code or overwrite arbitrary files.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5935.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-5935.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5935","reference_id":"","reference_type":"","scores":[{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.90942","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.90948","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.90957","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.90967","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.90978","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.90983","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.90992","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.90991","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91017","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91015","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91031","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91029","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91026","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91041","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91056","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91069","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91068","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91076","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91087","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91094","published_at":"2026-05-15T12:55:00Z"},{"value":"0.0635","scoring_system":"epss","scoring_elements":"0.91093","published_at":"2026-05-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2007-5935"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5935","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5935"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=368591","reference_id":"368591","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=368591"},{"reference_url":"https://security.gentoo.org/glsa/200711-26","reference_id":"GLSA-200711-26","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200711-26"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0399","reference_id":"RHSA-2010:0399","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0399"},{"reference_url":"https://access.redhat.com/errata/RHSA-2010:0401","reference_id":"RHSA-2010:0401","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2010:0401"},{"reference_url":"https://usn.ubuntu.com/554-1/","reference_id":"USN-554-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/554-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1037645?format=json","purl":"pkg:deb/debian/texlive-bin@2007.dfsg.2-4%2Blenny3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1upn-29dc-zfcc"},{"vulnerability":"VCID-3ggs-vja8-r3de"},{"vulnerability":"VCID-3gpv-93qp-bfhn"},{"vulnerability":"VCID-47dt-fhqh-pkag"},{"vulnerability":"VCID-4r5u-9w2z-rkgh"},{"vulnerability":"VCID-9kvx-465q-fkam"},{"vulnerability":"VCID-bqqh-5311-w7ca"},{"vulnerability":"VCID-ec4g-satx-pqg2"},{"vulnerability":"VCID-ka9w-ss8w-sqhb"},{"vulnerability":"VCID-mxh6-rpb3-tbbq"},{"vulnerability":"VCID-qd9y-35s4-9kcp"},{"vulnerability":"VCID-tju2-c87e-5kcx"},{"vulnerability":"VCID-z8b6-9u9h-gkcp"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2007.dfsg.2-4%252Blenny3"}],"aliases":["CVE-2007-5935"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qud-4v19-tyh4"}],"risk_score":"4.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/texlive-bin@2007.dfsg.2-4%252Blenny3"}