{"url":"http://public2.vulnerablecode.io/api/packages/104010?format=json","purl":"pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2?arch=el7_9","type":"rpm","namespace":"redhat","name":"qt5-qtimageformats","version":"5.9.7-2","qualifiers":{"arch":"el7_9"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81568?format=json","vulnerability_id":"VCID-9jcb-yrmd-7uen","summary":"libwebp: heap-based buffer overflow in WebPDecode*Into functions","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36328.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36328.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36328","reference_id":"","reference_type":"","scores":[{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.66988","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67026","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.6705","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67074","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67087","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67106","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67092","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67061","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67094","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67108","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67089","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.6711","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67133","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67172","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67146","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67169","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00527","scoring_system":"epss","scoring_elements":"0.67233","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956829","reference_id":"1956829","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956829"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36328","reference_id":"CVE-2020-36328","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2260","reference_id":"RHSA-2021:2260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2328","reference_id":"RHSA-2021:2328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2354","reference_id":"RHSA-2021:2354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2364","reference_id":"RHSA-2021:2364","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2365","reference_id":"RHSA-2021:2365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2365"},{"reference_url":"https://usn.ubuntu.com/4971-1/","reference_id":"USN-4971-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4971-1/"},{"reference_url":"https://usn.ubuntu.com/4971-2/","reference_id":"USN-4971-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4971-2/"}],"fixed_packages":[],"aliases":["CVE-2020-36328"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9jcb-yrmd-7uen"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83199?format=json","vulnerability_id":"VCID-hjha-gt3s-s3e3","summary":"libwebp: use of uninitialized value in ReadSymbol()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25014.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25014.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25014","reference_id":"","reference_type":"","scores":[{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35716","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36096","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35866","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35834","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35747","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3563","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35698","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3572","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35628","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35651","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36121","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36162","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36148","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68766","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68785","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68783","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68834","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68853","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68876","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00578","scoring_system":"epss","scoring_elements":"0.68861","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956927","reference_id":"1956927","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2328","reference_id":"RHSA-2021:2328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:4231","reference_id":"RHSA-2021:4231","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:4231"},{"reference_url":"https://usn.ubuntu.com/4971-1/","reference_id":"USN-4971-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4971-1/"},{"reference_url":"https://usn.ubuntu.com/4971-2/","reference_id":"USN-4971-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4971-2/"}],"fixed_packages":[],"aliases":["CVE-2018-25014"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hjha-gt3s-s3e3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/81569?format=json","vulnerability_id":"VCID-k4yg-g6p1-kkbz","summary":"libwebp: use-after-free in EmitFancyRGB() in dec/io_dec.c","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36329.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36329.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36329","reference_id":"","reference_type":"","scores":[{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66029","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66071","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66099","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66066","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66115","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66127","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66147","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66134","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66104","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.6614","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66153","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66141","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66162","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66174","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66173","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66152","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66196","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66239","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66211","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66231","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00503","scoring_system":"epss","scoring_elements":"0.66289","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-36329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956843","reference_id":"1956843","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956843"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36329","reference_id":"CVE-2020-36329","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36329"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2260","reference_id":"RHSA-2021:2260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2328","reference_id":"RHSA-2021:2328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2354","reference_id":"RHSA-2021:2354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2364","reference_id":"RHSA-2021:2364","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2365","reference_id":"RHSA-2021:2365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2365"},{"reference_url":"https://usn.ubuntu.com/4971-1/","reference_id":"USN-4971-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4971-1/"},{"reference_url":"https://usn.ubuntu.com/4971-2/","reference_id":"USN-4971-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4971-2/"}],"fixed_packages":[],"aliases":["CVE-2020-36329"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k4yg-g6p1-kkbz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83238?format=json","vulnerability_id":"VCID-t16b-mbs7-wfc1","summary":"libwebp: heap-based buffer overflow in PutLE16()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25011.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-25011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25011","reference_id":"","reference_type":"","scores":[{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59067","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.5914","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59164","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59128","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59179","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59192","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59211","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.5921","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59215","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59195","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59178","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59197","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59183","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59188","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59245","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59202","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.59229","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00376","scoring_system":"epss","scoring_elements":"0.593","published_at":"2026-05-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-25011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25013"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-25014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36332"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956919","reference_id":"1956919","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1956919"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2260","reference_id":"RHSA-2021:2260","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2260"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2328","reference_id":"RHSA-2021:2328","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2328"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2354","reference_id":"RHSA-2021:2354","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2354"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2364","reference_id":"RHSA-2021:2364","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2021:2365","reference_id":"RHSA-2021:2365","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2021:2365"},{"reference_url":"https://usn.ubuntu.com/4971-1/","reference_id":"USN-4971-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4971-1/"},{"reference_url":"https://usn.ubuntu.com/4971-2/","reference_id":"USN-4971-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4971-2/"}],"fixed_packages":[],"aliases":["CVE-2018-25011"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t16b-mbs7-wfc1"}],"fixing_vulnerabilities":[],"risk_score":"4.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/qt5-qtimageformats@5.9.7-2%3Farch=el7_9"}